Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* TODO: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394(* TODO: note these need manual introduction rules *)
395AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
396  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
397     (metis "&E" "&I" "raa-cor:3" "→I" MP)
398AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
399  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
400     (metis "&E" "&I" "raa-cor:3" "→I" MP)
401AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
402  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
403     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
404
405AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
406  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
407     (meson "&I" "&E" "→I")
408lemmas "Commutativity of &" = "oth-class-taut:2:a"
409AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
410  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
411     (metis "&I" "&E" "→I")
412lemmas "Associativity of &" = "oth-class-taut:2:b"
413AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
414  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
415     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
416lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
417AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
418  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
419     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
420lemmas "Associativity of ∨" = "oth-class-taut:2:d"
421AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
422  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
423      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
424            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
425lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
426AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
427  using "conventions:3"[THEN "df-rules-formulas[4]"]
428        "conventions:3"[THEN "df-rules-formulas[3]"]
429        "→I" "→E" "&E" "&I"
430  by metis
431lemmas "Associativity of ≡" = "oth-class-taut:2:f"
432
433AOT_theorem "oth-class-taut:3:a": φ  φ
434  using "&I" "vdash-properties:6" "if-p-then-p"
435        "df-rules-formulas[4]" "conventions:3" by blast
436AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
437  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
438        "df-rules-formulas[4]" "conventions:3" by blast
439AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
440  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
441
442AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
443  by (metis "→E" "→I")
444AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
445  using "conventions:3"[THEN "df-rules-formulas[4]"]
446        "conventions:3"[THEN "df-rules-formulas[3]"]
447        "→I" "→E" "&E" "&I" RAA by metis
448AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
449  using "conventions:3"[THEN "df-rules-formulas[4]"]
450        "conventions:3"[THEN "df-rules-formulas[3]"]
451        "→I" "→E" "&E" "&I" by metis
452AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
453  using "conventions:3"[THEN "df-rules-formulas[4]"]
454        "conventions:3"[THEN "df-rules-formulas[3]"]
455        "→I" "→E" "&E" "&I" by metis
456AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
457  using "conventions:3"[THEN "df-rules-formulas[4]"]
458        "conventions:3"[THEN "df-rules-formulas[3]"]
459        "→I" "→E" "&E" "&I" by metis
460AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
461  using "conventions:3"[THEN "df-rules-formulas[4]"]
462        "conventions:3"[THEN "df-rules-formulas[3]"]
463        "→I" "→E" "&E" "&I" by metis
464AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
465proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
466                   "&I" "→I"
467           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
468  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
469    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
470next
471  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
472    using that "∨E" "&E" "raa-cor:3" by blast
473next
474  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
475    using that "∨E" "&E" "raa-cor:3" by blast
476qed
477AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
478proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
479                    "&I" "→I")
480  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
481    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
482              "raa-cor:3" "conventions:3")
483next
484  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
485    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
486              "raa-cor:3" "conventions:3")
487qed
488AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
489  using "conventions:3"[THEN "df-rules-formulas[4]"]
490        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
491AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
492  using "conventions:3"[THEN "df-rules-formulas[4]"]
493        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
494AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
495  using "conventions:3"[THEN "df-rules-formulas[4]"]
496        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
497AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
498  using "conventions:3"[THEN "df-rules-formulas[4]"]
499        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
500
501lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
502
503AOT_theorem "oth-class-taut:6:a":
504  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
505  using "conventions:3"[THEN "df-rules-formulas[4]"]
506        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
507AOT_theorem "oth-class-taut:6:b":
508  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
509  using "conventions:3"[THEN "df-rules-formulas[4]"]
510        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
511
512AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
513  by (metis "&I" "→E" "→I")
514lemmas Exportation = "oth-class-taut:7:a"
515AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
516  by (metis "&E" "→E" "→I")
517lemmas Importation = "oth-class-taut:7:b"
518
519AOT_theorem "oth-class-taut:8:a":
520  (φ  (ψ  χ))  (ψ  (φ  χ))
521  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
522  by metis
523lemmas Permutation = "oth-class-taut:8:a"
524AOT_theorem "oth-class-taut:8:b":
525  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
526  by (metis "&I" "→E" "→I")
527lemmas Composition = "oth-class-taut:8:b"
528AOT_theorem "oth-class-taut:8:c":
529  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
530  by (metis "∨E"(2) "→E" "→I" RAA(1))
531AOT_theorem "oth-class-taut:8:d":
532  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
533  by (metis "&E" "&I" "→E" "→I")
534lemmas "Double Composition" = "oth-class-taut:8:d"
535AOT_theorem "oth-class-taut:8:e":
536  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
537  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
538            "conventions:3"[THEN "df-rules-formulas[3]"]
539            "→I" "→E" "&E" "&I")
540AOT_theorem "oth-class-taut:8:f":
541  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
542  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
543            "conventions:3"[THEN "df-rules-formulas[3]"]
544            "→I" "→E" "&E" "&I")
545AOT_theorem "oth-class-taut:8:g":
546  (ψ  χ)  ((φ  ψ)  (φ  χ))
547  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
548            "conventions:3"[THEN "df-rules-formulas[3]"]
549            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
550AOT_theorem "oth-class-taut:8:h":
551  (ψ  χ)  ((ψ  φ)  (χ  φ))
552  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
553            "conventions:3"[THEN "df-rules-formulas[3]"]
554            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
555AOT_theorem "oth-class-taut:8:i":
556  (φ  (ψ & χ))  (ψ  (φ  χ))
557  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
558            "conventions:3"[THEN "df-rules-formulas[3]"]
559            "→I" "→E" "&E" "&I")
560
561AOT_theorem "intro-elim:1":
562  assumes φ  ψ and φ  χ and ψ  Θ
563  shows χ  Θ
564  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
565            "conventions:3"[THEN "df-rules-formulas[3]"])
566
567AOT_theorem "intro-elim:2":
568  assumes φ  ψ and ψ  φ
569  shows φ  ψ
570  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
571lemmas "≡I" = "intro-elim:2"
572
573AOT_theorem "intro-elim:3:a":
574  assumes φ  ψ and φ
575  shows ψ
576  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
577AOT_theorem "intro-elim:3:b":
578  assumes φ  ψ and ψ
579  shows φ
580  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
581AOT_theorem "intro-elim:3:c":
582  assumes φ  ψ and ¬φ
583  shows ¬ψ
584  using "intro-elim:3:b" "raa-cor:3" assms by blast
585AOT_theorem "intro-elim:3:d":
586  assumes φ  ψ and ¬ψ
587  shows ¬φ
588  using "intro-elim:3:a" "raa-cor:3" assms by blast
589AOT_theorem "intro-elim:3:e":
590  assumes φ  ψ and ψ  χ
591  shows φ  χ
592  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
593declare "intro-elim:3:e"[trans]
594AOT_theorem "intro-elim:3:f":
595  assumes φ  ψ and φ  χ
596  shows χ  ψ
597  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
598lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
599              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
600
601declare "Commutativity of ≡"[THEN "≡E"(1), sym]
602
603AOT_theorem "rule-eq-df:1":
604  assumes φ df ψ
605  shows φ  ψ
606  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
607lemmas "≡Df" = "rule-eq-df:1"
608AOT_theorem "rule-eq-df:2":
609  assumes φ df ψ and φ
610  shows ψ
611  using "≡Df" "≡E"(1) assms by blast
612lemmas "≡dfE" = "rule-eq-df:2"
613AOT_theorem "rule-eq-df:3":
614  assumes φ df ψ and ψ
615  shows φ
616  using "≡Df" "≡E"(2) assms by blast
617lemmas "≡dfI" = "rule-eq-df:3"
618
619AOT_theorem  "df-simplify:1":
620  assumes φ  (ψ & χ) and ψ
621  shows φ  χ
622  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
623(* TODO: this is a slight variation from PLM *)
624AOT_theorem  "df-simplify:2":
625  assumes φ  (ψ & χ) and χ
626  shows φ  ψ
627  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
628lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
629
630subsection‹The Theory of Quantification›
631text‹\label{PLM: 9.6}›
632
633AOT_theorem "rule-ui:1":
634  assumes α φ{α} and τ
635  shows φ{τ}
636  using "→E" "cqt:1"[axiom_inst] assms by blast
637AOT_theorem "rule-ui:2[const_var]":
638  assumes α φ{α}
639  shows φ{β}
640  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
641(* TODO: precise proviso in PLM *)
642AOT_theorem "rule-ui:2[lambda]":
643  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
644  shows φ{ν1...νn ψ{ν1...νn}]}
645  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
646AOT_theorem "rule-ui:3":
647  assumes α φ{α}
648  shows φ{α}
649  by (simp add: "rule-ui:2[const_var]" assms)
650lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
651              "rule-ui:2[lambda]" "rule-ui:3"
652
653AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
654  by (simp add: "∀E"(2) "→I")
655AOT_theorem "cqt-orig:1[lambda]":
656  assumes INSTANCE_OF_CQT_2(ψ)
657  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
658  by (simp add: "∀E"(3) "→I" assms)
659AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
660  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
661AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
662  using "cqt-orig:1[const_var]".
663
664(* TODO: work out difference to GEN *)
665AOT_theorem universal:
666  assumes for arbitrary β: φ{β}
667  shows α φ{α}
668  using GEN assms .
669lemmas "∀I" = universal
670
671(* Generalized mechanism for "∀I" followed by ∀E *)
672ML673fun get_instantiated_allI ctxt varname thm = let
674val trm = Thm.concl_of thm
675val trm =
676  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
677  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
678fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
679    (* TODO: care about the index? *)
680    (if fst (fst v) = fst varname then [Var v] else [])
681  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
682  | extractVars (Abs (_, _, t)) = extractVars t
683  | extractVars _ = []
684val vars = extractVars trm
685val vars = fold Term.add_vars vars []
686val var = hd vars
687val trmty =
688  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
689  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
690val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
691      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
692       $ Var var, trm))
693val trm = Thm.cterm_of (Context.proof_of ctxt) trm
694val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
695val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
696fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
697val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
698fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
699val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
700val allthm = Drule.instantiate_normalize (TVars_make [(ty, typ)],Vars_empty) @{thm "∀I"}
701val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
702val allthm = Drule.instantiate_normalize (TVars_empty, Vars_make [(phi,trm)]) allthm
703in
704allthm
705end
706
707
708attribute_setup "∀I" =
709  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
710  (fn ctxt => fn thm => fold (fn arg => fn thm =>
711    thm RS get_instantiated_allI ctxt arg thm) args thm))
712  "Quantify over a variable in a theorem using GEN."
713
714attribute_setup "unvarify" =
715  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
716  (fn ctxt => fn thm =>
717    let
718      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
719      val thm = fold get_inst_allI args thm
720      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
721    in
722     thm
723    end))
724  "Generalize a statement about variables to a statement about denoting terms."
725
726(* TODO: rereplace-lem does not apply to the embedding *)
727
728AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
729  by (metis "≡I" "∀E"(2) "∀I" "→I")
730
731AOT_theorem "cqt-basic:2":
732  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
733proof (rule "≡I"; rule "→I")
734  AOT_assume α(φ{α}  ψ{α})
735  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
736  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
737    using "≡E"(1,2) "→I" by blast+
738  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
739    by (auto intro: "&I" "∀I")
740next
741  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
742  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
743    using "∀E"(2) "&E" by blast+
744  AOT_hence φ{α}  ψ{α} for α
745    using "≡I" by blast
746  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
747qed
748
749AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
750proof(rule "→I")
751  AOT_assume α(φ{α}  ψ{α})
752  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
753  {
754    AOT_assume α φ{α}
755    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
756  }
757  moreover {
758    AOT_assume α ψ{α}
759    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
760  }
761  ultimately AOT_show α φ{α}  α ψ{α}
762    using "≡I" "→I" by auto
763qed
764
765AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
766proof(rule "→I")
767  AOT_assume 0: α(φ{α} & ψ{α})
768  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
769  AOT_thus α φ{α} & α ψ{α}
770    by (auto intro: "∀I" "&I")
771qed
772
773AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
774  using "cqt-orig:3" by blast
775
776AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
777  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
778
779AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
780  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
781
782AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
783  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
784
785AOT_theorem "cqt-basic:9":
786  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
787proof -
788  {
789    AOT_assume α (φ{α}  ψ{α})
790    moreover AOT_assume α (ψ{α}  χ{α})
791    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
792      using "∀E" by blast+
793    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
794    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
795  }
796  thus ?thesis using "&I" "→I" "&E" by meson
797qed
798
799AOT_theorem "cqt-basic:10":
800  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
801proof(rule "→I"; rule "∀I")
802  fix β
803  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
804  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
805  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
806qed
807
808AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
809proof (rule "≡I"; rule "→I")
810  AOT_assume 0: α(φ{α}  ψ{α})
811  {
812    fix α
813    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
814    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
815  }
816  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
817next
818  AOT_assume 0: α(ψ{α}  φ{α})
819  {
820    fix α
821    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
822    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
823  }
824  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
825qed
826
827AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
828  by (simp add: "∀E"(2) "→I" GEN)
829
830AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
831  using "≡I" "→I" by blast
832
833AOT_theorem "cqt-basic:14":
834  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
835   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
836  using "cqt:3"[axiom_inst] by auto
837
838AOT_theorem "cqt-basic:15":
839  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
840  using "cqt-orig:2" by auto
841
842(* TODO: indistinguishable from GEN in the embedding *)
843AOT_theorem "universal-cor":
844  assumes for arbitrary β: φ{β}
845  shows α φ{α}
846  using GEN assms .
847
848AOT_theorem "existential:1":
849  assumes φ{τ} and τ
850  shows α φ{α}
851proof(rule "raa-cor:1")
852  AOT_assume ¬α φ{α}
853  AOT_hence α ¬φ{α}
854    using "≡dfI" "conventions:4" RAA "&I" by blast
855  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
856  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
857qed
858
859AOT_theorem "existential:2[const_var]":
860  assumes φ{β}
861  shows α φ{α}
862  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
863
864AOT_theorem "existential:2[lambda]":
865  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
866  shows α φ{α}
867  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
868lemmas "∃I" = "existential:1" "existential:2[const_var]"
869              "existential:2[lambda]" 
870
871AOT_theorem "instantiation":
872  assumes for arbitrary β: φ{β}  ψ and α φ{α}
873  shows ψ
874  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
875lemmas "∃E" = "instantiation"
876
877AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
878  using "∀E"(4) "∃I"(2) "→I" by metis
879
880AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
881  using "∀I" "∃I"(2) "→I" RAA by metis
882
883AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
884  using "∀E"(4) "∃E" "→I" RAA
885  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
886
887AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
888  using "∀I" "∃I"(2)"→I" RAA by metis
889
890AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
891  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
892
893AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
894  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
895
896(* NOTE: vacuous in the embedding *)
897AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
898  by (simp add: "oth-class-taut:3:a")
899
900AOT_theorem "cqt-further:8":
901  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
903
904AOT_theorem "cqt-further:9":
905  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
906  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
907
908AOT_theorem "cqt-further:10":
909  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
910proof(rule "→I"; rule "raa-cor:2")
911  AOT_assume 0: α φ{α} & ¬α ψ{α}
912  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
913  moreover AOT_assume α (φ{α}  ψ{α})
914  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
915  AOT_hence α ψ{α} using "∃I" by blast
916  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
917qed
918
919AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
920  using "≡I" "→I" "∃I"(2) "∃E" by metis
921
922subsection‹Logical Existence, Identity, and Truth›
923text‹\label{PLM: 9.7}›
924
925AOT_theorem "log-prop-prop:1":  φ]
926  using "cqt:2[lambda0]"[axiom_inst] by auto
927
928AOT_theorem "log-prop-prop:2": φ
929  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
930
931AOT_theorem "exist-nec": τ  τ
932proof -
933  AOT_have β β
934    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
935  AOT_thus τ  τ
936    using "cqt:1"[axiom_inst] "→E" by blast
937qed
938
939(* TODO: replace this mechanism by a "proof by types" command *)
940class AOT_Term_id = AOT_Term +
941  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
942      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
943
944instance κ :: AOT_Term_id
945proof
946  AOT_modally_strict {
947    AOT_show κ = κ'  κ for κ κ'
948    proof(rule "→I")
949      AOT_assume κ = κ'
950      AOT_hence O!κ  A!κ
951        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
952           (meson "→I" "∨I"(1) "&E"(1))+
953      AOT_thus κ
954        by (rule "∨E"(1))
955           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
956    qed
957  }
958next
959  AOT_modally_strict {
960    AOT_show κ = κ'  κ' for κ κ'
961    proof(rule "→I")
962      AOT_assume κ = κ'
963      AOT_hence O!κ'  A!κ'
964        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
965           (meson "→I" "∨I" "&E")+
966      AOT_thus κ'
967        by (rule "∨E"(1))
968           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
969    qed
970  }
971qed
972
973instance rel :: (AOT_κs) AOT_Term_id
974proof
975  AOT_modally_strict {
976    AOT_show Π = Π'  Π for Π Π' :: <'a>
977    proof(rule "→I")
978      AOT_assume Π = Π'
979      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
980    qed
981  }
982next
983  AOT_modally_strict {
984    AOT_show Π = Π'  Π' for Π Π' :: <'a>
985    proof(rule "→I")
986      AOT_assume Π = Π'
987      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
988    qed
989  }
990qed
991
992instance 𝗈 :: AOT_Term_id
993proof
994  AOT_modally_strict {
995    fix φ ψ
996    AOT_show φ = ψ  φ
997    proof(rule "→I")
998      AOT_assume φ = ψ
999      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1000    qed
1001  }
1002next
1003  AOT_modally_strict {
1004    fix φ ψ
1005    AOT_show φ = ψ  ψ
1006    proof(rule "→I")
1007      AOT_assume φ = ψ
1008      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1009    qed
1010  }
1011qed
1012
1013instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1014proof
1015  AOT_modally_strict {
1016    fix τ τ' :: 'a×'b
1017    AOT_show τ = τ'  τ
1018    proof (induct τ; induct τ'; rule "→I")
1019      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1020      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1021      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1022      AOT_hence τ1 and τ2
1023        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1024      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1025    qed
1026  }
1027next
1028  AOT_modally_strict {
1029    fix τ τ' :: 'a×'b
1030    AOT_show τ = τ'  τ'
1031    proof (induct τ; induct τ'; rule "→I")
1032      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1033      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1034      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1035      AOT_hence τ1' and τ2'
1036        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1037      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1038    qed
1039  }
1040qed
1041
1042(* This is the end of the "proof by types" and
1043   makes the results available on new theorems *)
1044AOT_register_type_constraints
1045  Term: _::AOT_Term_id› _::AOT_Term_id›
1046AOT_register_type_constraints
1047  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1048AOT_register_type_constraints
1049  Relation: <_::{AOT_κs, AOT_Term_id}>
1050
1051AOT_theorem "id-rel-nec-equiv:1":
1052  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1053proof(rule "→I")
1054  AOT_assume assumption: Π = Π'
1055  AOT_hence Π and Π'
1056    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1057  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1058                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1059    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1060  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1061                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1062    using "∀E"(1) by blast
1063  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1064             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using assumption "→E" by blast
1066  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1067    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1068  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1069    using "→E" by blast
1070qed
1071
1072AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1073proof(rule "→I")
1074  AOT_assume assumption: φ = ψ
1075  AOT_hence φ and ψ
1076    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1077  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1078    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1079  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1080    using "∀E"(1) by blast
1081  AOT_hence (φ  φ)  (φ  ψ)
1082    using assumption "→E" by blast
1083  moreover AOT_have (φ  φ)
1084    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1085  ultimately AOT_show (φ  ψ)
1086    using "→E" by blast
1087qed
1088
1089AOT_theorem "rule=E":
1090  assumes φ{τ} and τ = σ
1091  shows φ{σ}
1092proof -
1093  AOT_have τ and σ
1094    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1095  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1096    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1097  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1098    using "∀E"(1) by blast
1099  AOT_thus φ{σ} using assms "→E" by blast
1100qed
1101
1102AOT_theorem "propositions-lemma:1":  φ] = φ
1103proof -
1104  AOT_have φ by (simp add: "log-prop-prop:2")
1105  moreover AOT_have p  p] = p
1106    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1107  ultimately AOT_show  φ] = φ
1108    using "∀E" by blast
1109qed
1110
1111AOT_theorem "propositions-lemma:2":  φ]  φ
1112proof -
1113  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1114  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1115qed
1116
1117(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1118
1119AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1120  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1121
1122(* dr-alphabetic-rules does not apply *)
1123
1124AOT_theorem "oa-exist:1": O!
1125proof -
1126  AOT_have x [E!]x] by "cqt:2[lambda]"
1127  AOT_hence 1: O! = x [E!]x]
1128    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1129  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1130qed
1131
1132AOT_theorem "oa-exist:2": A!
1133proof -
1134  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1135  AOT_hence 1: A! = x ¬[E!]x]
1136    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1137  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1138qed
1139
1140AOT_theorem "oa-exist:3": O!x  A!x
1141proof(rule "raa-cor:1")
1142  AOT_assume ¬(O!x  A!x)
1143  AOT_hence A: ¬O!x and B: ¬A!x
1144    using "Disjunction Addition"(1) "modus-tollens:1"
1145          "∨I"(2) "raa-cor:5" by blast+
1146  AOT_have C: O! = x [E!]x]
1147    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1148  AOT_have D: A! = x ¬[E!]x]
1149    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1150  AOT_have E: ¬x [E!]x]x
1151    using A C "rule=E" by fast
1152  AOT_have F: ¬x ¬[E!]x]x
1153    using B D "rule=E" by fast
1154  AOT_have G: x [E!]x]x  [E!]x
1155    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1156  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1157    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1158  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1159qed
1160
1161AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1162proof -
1163  AOT_have F = G  F & G & x(x[F]  x[G])
1164    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1165          "→E" "&E" "≡I" "→I" by blast
1166  moreover AOT_have F and G
1167    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1168  ultimately AOT_show F = G  x(x[F]  x[G])
1169    using "≡S"(1) "&I" by blast
1170qed
1171
1172AOT_theorem "p-identity-thm2:2[2]":
1173  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1174proof -
1175  AOT_have F = G  F & G &
1176              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1177    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1178          "→E" "&E" "≡I" "→I" by blast
1179  moreover AOT_have F and G
1180    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1181  ultimately show ?thesis
1182    using "≡S"(1) "&I" by blast
1183qed
1184    
1185AOT_theorem "p-identity-thm2:2[3]":
1186  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                  x [F]y1xy2] = x [G]y1xy2] &
1188                  x [F]y1y2x] = x [G]y1y2x])
1189proof -
1190  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1191                                     x [F]y1xy2] = x [G]y1xy2] &
1192                                     x [F]y1y2x] = x [G]y1y2x])
1193    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1194          "→E" "&E" "≡I" "→I" by blast
1195  moreover AOT_have F and G
1196    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1197  ultimately show ?thesis
1198    using "≡S"(1) "&I" by blast
1199qed
1200
1201AOT_theorem "p-identity-thm2:2[4]":
1202  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1203                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1204                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1205                     x [F]y1y2y3x] = x [G]y1y2y3x])
1206proof -
1207  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1208                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1209                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1210                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1211    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1212          "→E" "&E" "≡I" "→I" by blast
1213  moreover AOT_have F and G
1214    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1215  ultimately show ?thesis
1216    using "≡S"(1) "&I" by blast
1217qed
1218
1219AOT_theorem "p-identity-thm2:2":
1220  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1221proof -
1222  AOT_have F = G  F & G &
1223              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1224    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1225          "→E" "&E" "≡I" "→I" by blast
1226  moreover AOT_have F and G
1227    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1228  ultimately show ?thesis
1229    using "≡S"(1) "&I" by blast
1230qed
1231
1232AOT_theorem "p-identity-thm2:3":
1233  p = q  x p] = x q]
1234proof -
1235  AOT_have p = q  p & q & x p] = x q]
1236    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1237          "→E" "&E" "≡I" "→I" by blast
1238  moreover AOT_have p and q
1239    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1240  ultimately show ?thesis
1241    using "≡S"(1) "&I" by blast
1242qed
1243
1244class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1245
1246instance κ :: AOT_Term_id_2
1247proof
1248  AOT_modally_strict {
1249    fix x
1250    {
1251      AOT_assume O!x
1252      moreover AOT_have F([F]x  [F]x)
1253        using RN GEN "oth-class-taut:3:a" by fast
1254      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1255    }
1256    moreover {
1257      AOT_assume A!x
1258      moreover AOT_have F(x[F]  x[F])
1259        using RN GEN "oth-class-taut:3:a" by fast
1260      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1261    }
1262    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1263                         (A!x & A!x & F(x[F]  x[F]))
1264      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1265    AOT_thus x = x
1266      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1267  }
1268qed
1269
1270instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1271proof
1272  AOT_modally_strict {
1273    fix F :: "<'a> AOT_var"
1274    AOT_have 0: x1...xn [F]x1...xn] = F
1275      by (simp add: "lambda-predicates:3"[axiom_inst])
1276    AOT_have x1...xn [F]x1...xn]
1277      by "cqt:2[lambda]"
1278    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1279      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1280    AOT_show F = F using "rule=E" 0 by force 
1281  }
1282qed
1283
1284instance 𝗈 :: AOT_Term_id_2
1285proof
1286  AOT_modally_strict {
1287    fix p
1288    AOT_have 0:  p] = p
1289      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1290    AOT_have  p]
1291      by (rule "cqt:2[lambda0]"[axiom_inst])
1292    AOT_hence  p] =  p]
1293      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1294    AOT_show p = p using "rule=E" 0 by force
1295  }
1296qed
1297
1298instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1299proof
1300  AOT_modally_strict {
1301    fix α :: ('a×'b) AOT_var›
1302    AOT_show α = α
1303    proof (induct)
1304      AOT_show τ = τ if τ for τ :: 'a×'b
1305        using that
1306      proof (induct τ)
1307        fix τ1 :: 'a and τ2 :: 'b
1308        AOT_assume «(τ1,τ2)»
1309        AOT_hence τ1 and τ2
1310          using "≡dfE" "&E" tuple_denotes by blast+
1311        AOT_hence τ1 = τ1 and τ2 = τ2
1312          using "id-eq:1"[unvarify α] by blast+
1313        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1314          by (metis "≡dfI" "&I" tuple_identity_1)
1315      qed
1316    qed
1317  }
1318qed
1319
1320AOT_register_type_constraints
1321  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1322AOT_register_type_constraints
1323  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1324AOT_register_type_constraints
1325  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1326
1327(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1328AOT_theorem "id-eq:2": α = β  β = α
1329  by (meson "rule=E" "deduction-theorem")
1330
1331AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1332  using "rule=E" "→I" "&E" by blast
1333
1334AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1335proof (rule "≡I"; rule "→I")
1336  AOT_assume 0: α = β
1337  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1338  AOT_show γ (α = γ  β = γ)
1339    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1340next
1341  AOT_assume γ (α = γ  β = γ)
1342  AOT_hence α = α  β = α using "∀E"(2) by blast
1343  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1344  AOT_hence β = α using "id-eq:1" "→E" by blast
1345  AOT_thus α = β using "id-eq:2" "→E" by blast
1346qed
1347
1348AOT_theorem "rule=I:1":
1349  assumes τ
1350  shows τ = τ
1351proof -
1352  AOT_have α (α = α)
1353    by (rule GEN) (metis "id-eq:1")
1354  AOT_thus τ = τ using assms "∀E" by blast
1355qed
1356
1357AOT_theorem "rule=I:2[const_var]": "α = α"
1358  using "id-eq:1".
1359
1360AOT_theorem "rule=I:2[lambda]":
1361  assumes INSTANCE_OF_CQT_2(φ)
1362  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1363proof -
1364  AOT_have α (α = α)
1365    by (rule GEN) (metis "id-eq:1")
1366  moreover AOT_have ν1...νn φ{ν1...νn}]
1367    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1368  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1369    using assms "∀E" by blast
1370qed
1371
1372lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1373
1374AOT_theorem "rule-id-df:1":
1375  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1376  shows τ{τ1...τn} = σ{τ1...τn}
1377proof -
1378  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1379    using "df-rules-terms[3]" assms(1) "&E" by blast
1380  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1381    using assms(2) "→E" by blast
1382qed
1383
1384AOT_theorem "rule-id-df:1[zero]":
1385  assumes τ =df σ and σ
1386  shows τ = σ
1387proof -
1388  AOT_have σ  τ = σ
1389    using "df-rules-terms[4]" assms(1) "&E" by blast
1390  AOT_thus τ = σ
1391    using assms(2) "→E" by blast
1392qed
1393
1394AOT_theorem "rule-id-df:2:a":
1395  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1396  shows φ{σ{τ1...τn}}
1397proof -
1398  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1399  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1400qed
1401
1402(* TODO: get rid of this, ideally *)
1403AOT_theorem "rule-id-df:2:a[2]":
1404  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1405      and σ{«(τ1,τ2)»}
1406      and φ{τ{«(τ1,τ2)»}}
1407  shows φ{σ{«(τ1,τ2)»}}
1408proof -
1409  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1410  proof -
1411    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1412      (* NOTE: semantics needed *)
1413      using assms
1414      by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not
1415                    AOT_sem_denotes AOT_model_id_def)
1416    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1417      using assms(2) "→E" by blast
1418  qed
1419  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1420qed
1421
1422AOT_theorem "rule-id-df:2:a[zero]":
1423  assumes τ =df σ and σ and φ{τ}
1424  shows φ{σ}
1425proof -
1426  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1427  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1428qed
1429
1430lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1431
1432AOT_theorem "rule-id-df:2:b":
1433  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1434  shows φ{τ{τ1...τn}}
1435proof -
1436  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1437  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1438    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1439  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1440qed
1441
1442(* TODO: get rid of this, ideally *)
1443AOT_theorem "rule-id-df:2:b[2]":
1444  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1445      and σ{«(τ1,τ2)»}
1446      and φ{σ{«(τ1,τ2)»}}
1447  shows φ{τ{«(τ1,τ2)»}}
1448proof -
1449  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1450  proof -
1451    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1452      (* NOTE: semantics needed *)
1453      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq
1454                                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
1455    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1456      using assms(2) "→E" by blast
1457  qed
1458  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1459    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1460  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1461qed
1462
1463AOT_theorem "rule-id-df:2:b[zero]":
1464  assumes τ =df σ and σ and φ{σ}
1465  shows φ{τ}
1466proof -
1467  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1468  AOT_hence σ = τ
1469    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1470  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1471qed
1472
1473lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1474
1475AOT_theorem "free-thms:1": τ  β (β = τ)
1476  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1477
1478AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1479  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1480
1481AOT_theorem "free-thms:3[const_var]": β (β = α)
1482  by (meson "∃I"(2) "id-eq:1")
1483
1484AOT_theorem "free-thms:3[lambda]":
1485  assumes INSTANCE_OF_CQT_2(φ)
1486  shows β (β = ν1...νn φ{ν1...νn}])
1487  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1488
1489AOT_theorem "free-thms:4[rel]":
1490  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1491  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1492            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1493
1494AOT_theorem "free-thms:4[vars]":
1495  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1496  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1497            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1498
1499AOT_theorem "free-thms:4[1,rel]":
1500  ([Π]κ  κ[Π])  β (β = Π)
1501  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1502            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1503AOT_theorem "free-thms:4[1,1]":
1504  ([Π]κ  κ[Π])  β (β = κ)
1505  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1506            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1507
1508AOT_theorem "free-thms:4[2,rel]":
1509  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1510  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1511            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1512AOT_theorem "free-thms:4[2,1]":
1513  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1514  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1515            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1516AOT_theorem "free-thms:4[2,2]":
1517  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1518  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1519            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1520AOT_theorem "free-thms:4[3,rel]":
1521  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1522  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1523            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1524AOT_theorem "free-thms:4[3,1]":
1525  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1526  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1527            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1528AOT_theorem "free-thms:4[3,2]":
1529  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1530  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1531            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1532AOT_theorem "free-thms:4[3,3]":
1533  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1534  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1535            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1536AOT_theorem "free-thms:4[4,rel]":
1537  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1538  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1539            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1540AOT_theorem "free-thms:4[4,1]":
1541  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1542  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1543            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1544AOT_theorem "free-thms:4[4,2]":
1545  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1546  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1547            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1548AOT_theorem "free-thms:4[4,3]":
1549  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1550  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1551            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1552AOT_theorem "free-thms:4[4,4]":
1553  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1554  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1555            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1556
1557AOT_theorem "ex:1:a": α α
1558  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1559AOT_theorem "ex:1:b": αβ(β = α)
1560  by (rule GEN) (fact "free-thms:3[const_var]")
1561
1562AOT_theorem "ex:2:a": α
1563  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1564AOT_theorem "ex:2:b": β(β = α)
1565  by (rule RN) (fact "free-thms:3[const_var]")
1566
1567AOT_theorem "ex:3:a": α α
1568  by (rule RN) (fact "ex:1:a")
1569AOT_theorem "ex:3:b": αβ(β = α)
1570  by (rule RN) (fact "ex:1:b")
1571
1572AOT_theorem "ex:4:a": α α
1573  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1574AOT_theorem "ex:4:b": αβ(β = α)
1575  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1576
1577AOT_theorem "ex:5:a": α α
1578  by (rule RN) (simp add: "ex:4:a")
1579AOT_theorem "ex:5:b": αβ(β = α)
1580  by (rule RN) (simp add: "ex:4:b")
1581
1582AOT_theorem "all-self=:1": α(α = α)
1583  by (rule RN; rule GEN) (fact "id-eq:1")
1584AOT_theorem "all-self=:2": α(α = α)
1585  by (rule GEN; rule RN) (fact "id-eq:1")
1586
1587AOT_theorem "id-nec:1": α = β  (α = β)
1588proof(rule "→I")
1589  AOT_assume α = β
1590  moreover AOT_have (α = α)
1591    by (rule RN) (fact "id-eq:1")
1592  ultimately AOT_show (α = β) using "rule=E" by fast
1593qed
1594
1595AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1596proof(rule "→I")
1597  AOT_assume asm: τ = σ
1598  moreover AOT_have τ
1599    using calculation "t=t-proper:1" "→E" by blast
1600  moreover AOT_have (τ = τ)
1601    using calculation "all-self=:2" "∀E"(1) by blast
1602  ultimately AOT_show (τ = σ) using "rule=E" by fast
1603qed
1604
1605AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1606proof (rule "≡I"; rule "→I")
1607  AOT_assume asm: φ{α}
1608  AOT_show β (β = α & φ{β})
1609    by (rule "∃I"(2)[where β=α]; rule "&I")
1610       (auto simp: "id-eq:1" asm)
1611next
1612  AOT_assume 0: β (β = α & φ{β})
1613  AOT_obtain β where β = α & φ{β}
1614    using "∃E"[rotated, OF 0] by blast
1615  AOT_thus φ{α} using "&E" "rule=E" by blast
1616qed
1617
1618AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1619proof(rule "→I")
1620  AOT_assume τ
1621  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1622    by (rule GEN) (fact "term-out:1")
1623  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1624    using "∀E" by blast
1625qed
1626
1627(* TODO: example of an apply-style proof. Keep or reformulate? *)
1628AOT_theorem "term-out:3":
1629  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1630  apply (rule "≡I"; rule "→I")
1631   apply (frule "&E"(1))
1632   apply (drule "&E"(2))
1633   apply (rule GEN; rule "≡I"; rule "→I")
1634  using "rule-ui:2[const_var]" "vdash-properties:5"
1635    apply blast
1636   apply (meson "rule=E" "id-eq:1")
1637  apply (rule "&I")
1638  using "id-eq:1" "≡E"(2) "rule-ui:3"
1639   apply blast
1640  apply (rule GEN; rule "→I")
1641  using "≡E"(1) "rule-ui:2[const_var]"
1642  by blast
1643
1644(* Note: generalized alphabetic variant of the last theorem. *)
1645AOT_theorem "term-out:4":
1646  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1647  using "term-out:3" .
1648
1649(* TODO: would of course be nice to define it without the syntax magic *)
1650AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1651  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1652syntax (input) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1653syntax (output) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_'(_')" [1,40])
1654AOT_syntax_print_translations
1655  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1656syntax
1657   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1658   (∃!_...∃!_ _› [1,40])
1659parse_ast_translation1660[(syntax_const‹_AOT_exists_unique_ellipse›,
1661  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1662  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1663 (syntax_const‹_AOT_exists_unique›,
1664  AOT_restricted_binder
1665    const_name‹AOT_exists_unique›
1666    const_syntax‹AOT_conj›)]
1667print_translationAOT_syntax_print_translations [
1668  AOT_preserve_binder_abs_tr'
1669    const_syntax‹AOT_exists_unique›
1670    syntax_const‹_AOT_exists_unique›
1671    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1672    const_name‹AOT_conj›,
1673  AOT_binder_trans
1674    @{theory}
1675    @{binding "AOT_exists_unique_binder"}
1676    syntax_const‹_AOT_exists_unique›
1677]
1678
1679
1680context AOT_meta_syntax
1681begin
1682notation AOT_exists_unique (binder "!" 20)
1683end
1684context AOT_no_meta_syntax
1685begin
1686no_notation AOT_exists_unique (binder "!" 20)
1687end
1688
1689AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1690proof(rule "≡I"; rule "→I")
1691    AOT_assume ∃!α φ{α}
1692    AOT_hence α (φ{α} & β (φ{β}  β = α))
1693      using "uniqueness:1" "≡dfE" by blast
1694    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1695      using "instantiation"[rotated] by blast
1696    AOT_hence β(φ{β}  β = α)
1697      using "term-out:3" "≡E" by blast
1698    AOT_thus αβ(φ{β}  β = α)
1699      using "∃I" by fast
1700next
1701    AOT_assume αβ(φ{β}  β = α)
1702    then AOT_obtain α where β (φ{β}  β = α)
1703      using "instantiation"[rotated] by blast
1704    AOT_hence φ{α} & β (φ{β}  β = α)
1705      using "term-out:3" "≡E" by blast
1706    AOT_hence α (φ{α} & β (φ{β}  β = α))
1707      using "∃I" by fast
1708    AOT_thus ∃!α φ{α}
1709      using "uniqueness:1" "≡dfI" by blast
1710qed
1711
1712AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1713proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1714  fix β γ
1715  AOT_assume ∃!α φ{α}
1716  AOT_hence αβ(φ{β}  β = α)
1717    using "uniqueness:2" "≡E" by blast
1718  then AOT_obtain α where β(φ{β}  β = α)
1719    using "instantiation"[rotated] by blast
1720  moreover AOT_assume φ{β} & φ{γ}
1721  ultimately AOT_have β = α and γ = α
1722    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1723  AOT_thus β = γ
1724    by (metis "rule=E" "id-eq:2" "→E")
1725qed
1726
1727AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1728proof (rule "→I"; rule "→I")
1729  AOT_assume a: α(φ{α}  φ{α})
1730  AOT_assume ∃!α φ{α}
1731  AOT_hence α (φ{α} & β (φ{β}  β = α))
1732    using "uniqueness:1" "≡dfE" by blast
1733  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1734    using "instantiation"[rotated] by blast
1735  AOT_have φ{α}
1736    using ξ a "&E" "∀E" "→E" by fast
1737  moreover AOT_have β (φ{β}  β = α)
1738    apply (rule GEN; rule "→I")
1739    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1740          "qml:2"[axiom_inst, THEN "→E"] by blast
1741  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1742    using "&I" by blast
1743  AOT_thus ∃!α φ{α}
1744    using "uniqueness:1" "≡dfI" "∃I" by fast
1745qed
1746
1747subsection‹The Theory of Actuality and Descriptions›
1748text‹\label{PLM: 9.8}›
1749
1750AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1751  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1752
1753AOT_theorem "nec-imp-act": φ  𝒜φ
1754  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1755            "qml:2"[THEN act_closure, axiom_inst]
1756            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1757
1758AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1759  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1760        "logic-actual-nec:4"[axiom_inst] by blast
1761
1762AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1763  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1764            "logic-actual-nec:4"[axiom_inst] RAA(1))
1765
1766AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1767proof -
1768  AOT_have (φ  (ψ  (φ & ψ)))
1769    by (rule RN) (fact Adjunction)
1770  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1771    using "nec-imp-act" "→E" by blast
1772  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1773    using "act-cond" "→E" by blast
1774  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1775    by (fact "act-cond")
1776  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1777    using "→I" "→E" by metis
1778  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1779    by (metis Importation "→E")
1780qed
1781
1782AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1783proof -
1784  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1785    by (fact "act-conj-act:3")
1786  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1787    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1788  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1789    using "→E" by blast
1790  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1791    using "conventions:3"[THEN "df-rules-formulas[2]",
1792                          THEN act_closure, axiom_inst] by blast
1793  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1794    using "act-cond" "→E" by blast
1795  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1796qed
1797
1798(* TODO: consider introducing AOT_inductive *)
1799inductive arbitrary_actualization for φ where
1800  arbitrary_actualization φ «𝒜φ»
1801| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1802declare arbitrary_actualization.cases[AOT]
1803        arbitrary_actualization.induct[AOT]
1804        arbitrary_actualization.simps[AOT]
1805        arbitrary_actualization.intros[AOT]
1806syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1807  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1808
1809notepad
1810begin
1811  AOT_modally_strict {
1812    fix φ
1813    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1814      using AOT_PLM.arbitrary_actualization.intros by metis
1815    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1816      using AOT_PLM.arbitrary_actualization.intros by metis
1817    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1818      using AOT_PLM.arbitrary_actualization.intros by metis
1819  }
1820end
1821
1822
1823AOT_theorem "closure-act:1":
1824  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1825  shows ψ
1826using assms proof(induct)
1827  case 1
1828  AOT_show 𝒜(𝒜φ  φ)
1829    by (simp add: "act-conj-act:4")
1830next
1831  case (2 ψ)
1832  AOT_thus 𝒜ψ
1833    by (metis arbitrary_actualization.simps "≡E"(1)
1834              "logic-actual-nec:4"[axiom_inst])
1835qed
1836
1837AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1838  by (simp add: "act-conj-act:4" "∀I")
1839
1840AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1841  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1842            "logic-actual-nec:3"[axiom_inst]
1843            "logic-actual-nec:4"[axiom_inst])
1844
1845AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1846  using "closure-act:3" .
1847
1848(* TODO: examine these proofs *)
1849AOT_act_theorem "RA[1]":
1850  assumes  φ
1851  shows  𝒜φ
1852  ― ‹While this proof is rejected in PLM,
1853      we merely state it as modally-fragile rule,
1854      which addresses the concern in PLM.›
1855  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1856        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1857AOT_theorem "RA[2]":
1858  assumes  φ
1859  shows  𝒜φ
1860  ― ‹This rule is in fact a consequence of RN and
1861      does not require an appeal to the semantics itself.›
1862  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1863AOT_theorem "RA[3]":
1864  assumes Γ  φ
1865  shows 𝒜Γ  𝒜φ
1866  text‹This appears to only be derivable this is derivable
1867       from the semantics, but apparently no proof actually relies on it.
1868       If this turns out to be required, it is valid to derive it from the
1869       semantics just like RN, but we refrain from doing so, unless necessary.›
1870  (*  using assms by (meson AOT_sem_act imageI) *)
1871  oops
1872
1873AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1874  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1875                "≡I" "logic-actual"[act_axiom_inst])
1876
1877AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1878  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1879        "useful-tautologies:2" by blast
1880
1881AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1882  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1883
1884AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1885proof (rule "≡I"; rule "→I")
1886  AOT_assume 𝒜(φ & ψ)
1887  moreover AOT_have 𝒜((φ & ψ)  φ)
1888    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1889  moreover AOT_have 𝒜((φ & ψ)  ψ)
1890    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1891  ultimately AOT_show 𝒜φ & 𝒜ψ
1892    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1893next
1894  AOT_assume 𝒜φ & 𝒜ψ
1895  AOT_thus 𝒜(φ & ψ)
1896    using "act-conj-act:3" "vdash-properties:6" by blast
1897qed
1898
1899AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1900proof (rule "≡I"; rule "→I")
1901  AOT_assume 𝒜(φ  ψ)
1902  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1903    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1904  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1905    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1906  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1907    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1908next
1909  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1910  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1911    by (metis "act-conj-act:3" "vdash-properties:10")
1912  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1913    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1914                  "vdash-properties:1[2]")
1915  ultimately AOT_show 𝒜(φ  ψ)
1916    using "act-cond"[THEN "→E", THEN "→E"] by metis
1917qed
1918
1919AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1920proof (rule "≡I"; rule "→I")
1921  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1922  AOT_show 𝒜φ  𝒜ψ
1923    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1924next
1925  AOT_assume 𝒜φ  𝒜ψ
1926  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1927    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1928qed
1929
1930AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1931  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1932
1933AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1934  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1935
1936AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1937  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1938            "qml-act:2"[axiom_inst])
1939
1940AOT_theorem "Act-Basic:8": φ  𝒜φ
1941  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1942
1943AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1944proof (rule "≡I"; rule "→I")
1945  AOT_assume 𝒜(φ  ψ)
1946  AOT_thus 𝒜φ  𝒜ψ
1947  proof (rule "raa-cor:3")
1948    AOT_assume ¬(𝒜φ  𝒜ψ)
1949    AOT_hence ¬𝒜φ & ¬𝒜ψ
1950      by (metis "≡E"(1) "oth-class-taut:5:d")
1951    AOT_hence 𝒜¬φ & 𝒜¬ψ
1952      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1953    AOT_hence 𝒜(¬φ & ¬ψ)
1954      using "≡E" "Act-Basic:2" by metis
1955    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1956      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1957    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1958      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1959    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1960    AOT_thus ¬𝒜(φ  ψ)
1961      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1962  qed
1963next
1964  AOT_assume 𝒜φ  𝒜ψ
1965  AOT_thus 𝒜(φ  ψ)
1966    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1967qed
1968
1969AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1970proof -
1971  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1972    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1973       (metis "logic-actual-nec:3"[axiom_inst])
1974  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1975    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1976       (rule "logic-actual-nec:1"[THEN universal_closure,
1977               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1978  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1979    using "conventions:4"[THEN "df-rules-formulas[1]",
1980                          THEN act_closure, axiom_inst]
1981          "conventions:4"[THEN "df-rules-formulas[2]",
1982                          THEN act_closure, axiom_inst]
1983    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1984  also AOT_have   ¬𝒜α ¬φ{α}
1985    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1986  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1987  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1988  also AOT_have   α 𝒜 φ{α}
1989    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1990  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1991qed
1992
1993
1994AOT_theorem "Act-Basic:11":
1995  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1996proof(rule "≡I"; rule "→I")
1997  AOT_assume 𝒜α(φ{α}  ψ{α})
1998  AOT_hence α𝒜(φ{α}  ψ{α})
1999    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
2000  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
2001  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
2002  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
2003next
2004  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
2005  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
2006  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
2007  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
2008  AOT_thus 𝒜α(φ{α}  ψ{α})
2009    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2010qed
2011
2012AOT_act_theorem "act-quant-uniq":
2013  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
2014proof(rule "≡I"; rule "→I")
2015  AOT_assume β(𝒜φ{β}  β = α)
2016  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2017  AOT_hence φ{β}  β = α for β
2018    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2019    by metis
2020  AOT_thus β(φ{β}  β = α) by (rule "∀I")
2021next
2022  AOT_assume β(φ{β}  β = α)
2023  AOT_hence φ{β}  β = α for β using "∀E" by blast
2024  AOT_hence 𝒜φ{β}  β = α for β
2025    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2026    by metis
2027  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2028qed
2029
2030AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2031  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2032
2033AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2034  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2035        "fund-cont-desc" "≡E"(5) by blast
2036
2037
2038locale russell_axiom =
2039  fixes ψ
2040  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2041begin
2042AOT_act_theorem "russell-axiom":
2043  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2044proof -
2045  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2046    using hintikka "∀I" by fast
2047  show ?thesis
2048  proof(rule "≡I"; rule "→I")
2049    AOT_assume c: ψ{ιx φ{x}}
2050    AOT_hence d: ιx φ{x}
2051      using ψ_denotes_asm by blast
2052    AOT_hence y (y = ιx φ{x})
2053      by (metis "rule=I:1" "existential:1")
2054    then AOT_obtain a where a_def: a = ιx φ{x}
2055      using "instantiation"[rotated] by blast
2056    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2057      using b "∀E" by blast
2058    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2059      using "≡E" by blast
2060    moreover AOT_have ψ{a}
2061    proof - 
2062      AOT_have 1: xy(x = y  y = x)
2063        by (simp add: "id-eq:2" "universal-cor")
2064      AOT_have a = ιx φ{x}   ιx φ{x} = a
2065        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2066           (auto simp: 1 d "universal-cor")
2067      AOT_thus ψ{a}
2068        using a_def c "rule=E" "→E" by blast
2069    qed
2070    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2071    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2072  next
2073    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2074    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2075      using "instantiation"[rotated] by blast
2076    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2077      using b "∀E" by blast
2078    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2079      using g "&E" by blast+
2080    AOT_hence b = ιx φ{x} using h "≡E" by blast
2081    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2082  qed
2083qed
2084end
2085
2086(* TODO: this nicely shows off using locales with the embedding,
2087         but maybe there is still a nicer way *)
2088(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these
2089         instantiation instead of referring to cqt:5:a - should be fixed *)
2090interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2091  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2092interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2093  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2094interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2095  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2096interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2097  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2098interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2099  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2100interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2101  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2102interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2103  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2104interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2105  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2106interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2107  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2108interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2109  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2110interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2111  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2112
2113interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2114  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2115interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2116  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2117interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2118  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2119interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2120  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2121interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2122  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2123interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2124  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2125interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2126  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2127interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2128  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2129interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2130  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2131interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2132  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2133interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2134  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2135
2136AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2137proof(rule "≡I"; rule "→I")
2138  AOT_assume ιx φ{x}
2139  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2140  then AOT_obtain a where a = ιx φ{x}
2141    using "instantiation"[rotated] by blast
2142  AOT_hence φ{a} & z (φ{z}  z = a)
2143    using hintikka "≡E" by blast
2144  AOT_hence x (φ{x} & z (φ{z}  z = x))
2145    by (rule "∃I")
2146  AOT_thus ∃!x φ{x}
2147    using "uniqueness:1"[THEN "≡dfI"] by blast
2148next
2149  AOT_assume ∃!x φ{x}
2150  AOT_hence x (φ{x} & z (φ{z}  z = x))
2151    using "uniqueness:1"[THEN "≡dfE"] by blast
2152  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2153    using "instantiation"[rotated] by blast
2154  AOT_hence b = ιx φ{x}
2155    using hintikka "≡E" by blast
2156  AOT_thus ιx φ{x}
2157    by (metis "t=t-proper:2" "vdash-properties:6")
2158qed
2159
2160AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2161  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2162
2163AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2164  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2165
2166(* Note: generalized alphabetic variant of the last theorem *)
2167AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2168
2169AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2170proof(rule "→I")
2171  AOT_assume ιx φ{x}
2172  AOT_hence y (y = ιx φ{x})
2173    by (metis "rule=I:1" "existential:1")
2174  then AOT_obtain a where a = ιx φ{x}
2175    using "instantiation"[rotated] by blast
2176  moreover AOT_have φ{a}
2177    using calculation hintikka "≡E"(1) "&E" by blast
2178  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2179qed
2180
2181AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2182  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2183
2184
2185AOT_theorem "act-quant-nec":
2186  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2187proof(rule "≡I"; rule "→I")
2188  AOT_assume β (𝒜φ{β}  β = α)
2189  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2190  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2191    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2192  AOT_thus β(𝒜𝒜φ{β}  β = α)
2193    by (rule "∀I")
2194next
2195  AOT_assume β(𝒜𝒜φ{β}  β = α)
2196  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2197  AOT_hence 𝒜φ{β}  β = α for β
2198    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2199  AOT_thus β (𝒜φ{β}  β = α)
2200    by (rule "∀I")
2201qed
2202
2203AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2204proof -
2205  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2206    using descriptions[axiom_inst] by blast
2207  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2208  proof(rule "≡I"; rule "→I"; rule "∀I")
2209    AOT_assume z (𝒜φ{z}  z = x)
2210    AOT_hence 𝒜φ{a}  a = x for a
2211      using "∀E" by blast
2212    AOT_thus 𝒜𝒜φ{a}  a = x for a
2213      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2214  next
2215    AOT_assume z (𝒜𝒜φ{z}  z = x)
2216    AOT_hence 𝒜𝒜φ{a}  a = x for a
2217      using "∀E" by blast
2218    AOT_thus 𝒜φ{a}  a = x for a
2219      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2220  qed
2221  also AOT_have ...  x = ιx(𝒜φ{x})
2222    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2223  finally show ?thesis .
2224qed
2225
2226AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2227proof(rule "→I")
2228  AOT_assume ιx φ{x}
2229  AOT_hence y (y = ιx φ{x})
2230    by (metis "rule=I:1" "existential:1")
2231  then AOT_obtain a where a = ιx φ{x}
2232    using "instantiation"[rotated] by blast
2233  moreover AOT_have a = ιx(𝒜φ{x})
2234    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2235  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2236    using "rule=E" by fast
2237qed
2238
2239AOT_theorem "nec-hintikka-scheme":
2240  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2241proof -
2242  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2243    using descriptions[axiom_inst] by blast
2244  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2245    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2246  finally show ?thesis.
2247qed
2248
2249AOT_theorem "equiv-desc-eq:1":
2250  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2251proof(rule "→I"; rule "∀I")
2252  fix β
2253  AOT_assume 𝒜x(φ{x}  ψ{x})
2254  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2255    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2256  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2257    by (metis "Act-Basic:5" "≡E"(1))
2258  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2259    using "nec-hintikka-scheme" by blast
2260  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2261  proof (rule "≡I"; rule "→I")
2262    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2263    AOT_hence 𝒜φ{z}  z = β for z
2264      using "&E" "∀E" by blast
2265    AOT_hence 𝒜ψ{z}  z = β for z
2266      using 0 "≡E" "→I" "→E" by metis
2267    AOT_hence z(𝒜ψ{z}  z = β)
2268      using "∀I" by fast
2269    moreover AOT_have 𝒜ψ{β}
2270      using "&E" 0[THEN "≡E"(1)] 1 by blast
2271    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2272      using "&I" by blast
2273  next
2274    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2275    AOT_hence 𝒜ψ{z}  z = β for z
2276      using "&E" "∀E" by blast
2277    AOT_hence 𝒜φ{z}  z = β for z
2278      using 0 "≡E" "→I" "→E" by metis
2279    AOT_hence z(𝒜φ{z}  z = β)
2280      using "∀I" by fast
2281    moreover AOT_have 𝒜φ{β}
2282      using "&E" 0[THEN "≡E"(2)] 1 by blast
2283    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2284      using "&I" by blast
2285  qed
2286  also AOT_have ...  β = ιx ψ{x}
2287    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2288  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2289qed
2290
2291AOT_theorem "equiv-desc-eq:2":
2292  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2293proof(rule "→I")
2294  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2295  AOT_hence 0: y (y = ιx φ{x}) and
2296            1: x (x = ιx φ{x}  x = ιx ψ{x})
2297    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2298  then AOT_obtain a where a = ιx φ{x}
2299    using "instantiation"[rotated] by blast
2300  moreover AOT_have a = ιx ψ{x}
2301    using calculation 1 "∀E" "≡E"(1) by fast
2302  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2303    using "rule=E" by fast
2304qed
2305
2306AOT_theorem "equiv-desc-eq:3":
2307  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2308  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2309        "nec-imp-act"[THEN "→E"] by metis
2310
2311(* Note: this is a special case of "exist-nec" *)
2312AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2313proof(rule "→I")
2314  AOT_assume ιx φ{x}
2315  AOT_hence y (y = ιx φ{x})
2316    by (metis "rule=I:1" "existential:1")
2317  then AOT_obtain a where a = ιx φ{x}
2318    using "instantiation"[rotated] by blast
2319  AOT_thus ιx φ{x}
2320    using "ex:2:a" "rule=E" by fast
2321qed
2322
2323AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2324proof(rule "→I")
2325  AOT_assume ιx φ{x}
2326  AOT_hence y (y = ιx φ{x})
2327    by (metis "rule=I:1" "existential:1")
2328  then AOT_obtain a where a = ιx φ{x}
2329    using "instantiation"[rotated] by blast
2330  AOT_hence (a = ιx φ{x})
2331    by (metis "id-nec:2" "vdash-properties:10")
2332  AOT_thus y (y = ιx φ{x})
2333    by (rule "∃I")
2334qed
2335
2336AOT_act_theorem "equiv-desc-eq2:1":
2337  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2338  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2339        "equiv-desc-eq:1"[THEN "→E"]
2340        "RA[1]" "deduction-theorem" by blast
2341
2342AOT_act_theorem "equiv-desc-eq2:2":
2343  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2344  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2345        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2346        "RA[1]" "deduction-theorem" "&E" by metis
2347
2348context russell_axiom
2349begin
2350AOT_theorem "nec-russell-axiom":
2351  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2352proof -
2353  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2354    using "nec-hintikka-scheme" "∀I" by fast
2355  show ?thesis
2356  proof(rule "≡I"; rule "→I")
2357    AOT_assume c: ψ{ιx φ{x}}
2358    AOT_hence d: ιx φ{x}
2359      using ψ_denotes_asm by blast
2360    AOT_hence y (y = ιx φ{x})
2361      by (metis "rule=I:1" "existential:1")
2362    then AOT_obtain a where a_def: a = ιx φ{x}
2363      using "instantiation"[rotated] by blast
2364    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2365      using b "∀E" by blast
2366    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2367      using "≡E" by blast
2368    moreover AOT_have ψ{a}
2369    proof - 
2370      AOT_have 1: xy(x = y  y = x)
2371        by (simp add: "id-eq:2" "universal-cor")
2372      AOT_have a = ιx φ{x}   ιx φ{x} = a
2373        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2374           (auto simp: d "universal-cor" 1)
2375      AOT_thus ψ{a}
2376        using a_def c "rule=E" "→E" by metis
2377    qed
2378    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2379      by (rule "&I")
2380    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2381      by (rule "∃I")
2382  next
2383    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2384    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2385      using "instantiation"[rotated] by blast
2386    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2387      using b "∀E" by blast
2388    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2389      using g "&E" by blast+
2390    AOT_hence b = ιx φ{x}
2391      using h "≡E" by blast
2392    AOT_thus ψ{ιx φ{x}}
2393      using j "rule=E" by blast
2394  qed
2395qed
2396end
2397
2398AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2399proof (rule "≡I"; rule "→I")
2400  AOT_assume ιx φ{x}
2401  AOT_hence y (y = ιx φ{x})
2402    by (metis "rule=I:1" "existential:1")
2403  then AOT_obtain a where a = ιx φ{x}
2404    using "instantiation"[rotated] by blast
2405  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2406    using descriptions[axiom_inst] by blast
2407  ultimately AOT_have z(𝒜φ{z}  z = a)
2408    using "≡E" by blast
2409  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2410  AOT_thus ∃!x 𝒜φ{x}
2411    using "uniqueness:2"[THEN "≡E"(2)] by fast
2412next
2413  AOT_assume ∃!x 𝒜φ{x}
2414  AOT_hence xz(𝒜φ{z}  z = x)
2415    using "uniqueness:2"[THEN "≡E"(1)] by fast
2416  then AOT_obtain a where z(𝒜φ{z}  z = a)
2417    using "instantiation"[rotated] by blast
2418  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2419    using descriptions[axiom_inst] by blast
2420  ultimately AOT_have a = ιx φ{x}
2421    using "≡E" by blast
2422  AOT_thus ιx φ{x}
2423    by (metis "t=t-proper:2" "vdash-properties:6")
2424qed
2425
2426AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2427  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2428        "reductio-aa:2" "vdash-properties:9" by blast
2429
2430(* Note: generalized alphabetic variant of the last theorem *)
2431AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2432  using "actual-desc:2".
2433
2434AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2435proof(rule "→I")
2436  AOT_assume ιx φ{x}
2437  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2438  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2439  AOT_thus 𝒜φ{ιx φ{x}}
2440    using "actual-desc:2" "rule=E" "→E" by fast
2441qed
2442
2443(* TODO: take another look at proof in PLM *)
2444AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2445proof(rule "→I")
2446  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2447  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2448    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2449  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2450    by (metis "rule=I:1" "existential:1")+
2451  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2452    using "instantiation"[rotated] by metis
2453
2454  AOT_have αβ (α = β  β = α)
2455    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2456  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2457    using "∀E" φ_down by blast
2458  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2459    using "∀E" ψ_down by blast
2460  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2461    "→E" by blast
2462
2463  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2464  proof(rule "≡I"; rule "→I")
2465    AOT_assume 𝒜φ{x}
2466    moreover AOT_have 𝒜φ{x}  x = a for x
2467      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2468            "∀E" by blast
2469    ultimately AOT_have x = a
2470      using "→E" by blast
2471    AOT_hence x = ιx φ{x}
2472      using a_eq "rule=E" by blast
2473    AOT_hence x = ιx ψ{x}
2474      using 0 "rule=E" by blast
2475    AOT_thus 𝒜ψ{x}
2476      by (metis "actual-desc:3" "vdash-properties:6")
2477  next
2478    AOT_assume 𝒜ψ{x}
2479    moreover AOT_have 𝒜ψ{x}  x = b for x
2480      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2481            "∀E" by blast
2482    ultimately AOT_have x = b
2483      using "→E" by blast
2484    AOT_hence x = ιx ψ{x}
2485      using b_eq "rule=E" by blast
2486    AOT_hence x = ιx φ{x}
2487      using 1 "rule=E" by blast
2488    AOT_thus 𝒜φ{x}
2489      by (metis "actual-desc:3" "vdash-properties:6")
2490  qed
2491  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2492    by (metis "Act-Basic:5" "≡E"(2))
2493  AOT_hence x 𝒜(φ{x}  ψ{x})
2494    by (rule "∀I")
2495  AOT_thus 𝒜x (φ{x}  ψ{x})
2496    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2497qed    
2498
2499AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2500proof(rule "→I")
2501  AOT_assume ∃!x φ{x}
2502  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2503    using "uniqueness:1"[THEN "≡dfE"] by blast
2504  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2505    using "instantiation"[rotated] by blast
2506  AOT_show y (y = ιx φ{x}  φ{y})
2507  proof(rule GEN; rule "→I")
2508    fix y
2509    AOT_assume y = ιx φ{x}
2510    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2511      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2512    AOT_hence 𝒜φ{b}  b = y
2513      using "&E" "∀E" by blast
2514    moreover AOT_have 𝒜φ{b}
2515      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2516    ultimately AOT_have b = y
2517      using "→E" by blast
2518    moreover AOT_have φ{b}
2519      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2520    ultimately AOT_show φ{y}
2521      using "rule=E" by blast
2522  qed
2523qed
2524
2525AOT_theorem "!box-desc:2":
2526  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2527proof(rule "→I"; rule "→I")
2528  AOT_assume x (φ{x}  φ{x})
2529  moreover AOT_assume ∃!x φ{x}
2530  ultimately AOT_have ∃!x φ{x}
2531    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2532  AOT_thus y (y = ιx φ{x}  φ{y})
2533    using "!box-desc:1" "→E" by blast
2534qed
2535
2536(* Note: vacuous in the embedding. *)
2537AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2538  by (simp add: "rule=I:1" "→I")
2539
2540subsection‹The Theory of Necessity›
2541text‹\label{PLM: 9.9}›
2542
2543AOT_theorem "RM:1[prem]":
2544  assumes Γ  φ  ψ
2545  shows Γ  φ  ψ
2546proof -
2547  AOT_have Γ  (φ  ψ)
2548    using "RN[prem]" assms by blast
2549  AOT_thus Γ  φ  ψ
2550    by (metis "qml:1"[axiom_inst] "→E")
2551qed
2552
2553AOT_theorem "RM:1":
2554  assumes  φ  ψ
2555  shows  φ  ψ
2556  using "RM:1[prem]" assms by blast
2557
2558lemmas RM = "RM:1"
2559
2560AOT_theorem "RM:2[prem]":
2561  assumes Γ  φ  ψ
2562  shows Γ  φ  ψ
2563proof -
2564  AOT_have Γ  ¬ψ  ¬φ
2565    using assms 
2566    by (simp add: "contraposition:1[1]")
2567  AOT_hence Γ  ¬ψ  ¬φ
2568    using "RM:1[prem]" by blast
2569  AOT_thus Γ  φ  ψ
2570    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2571qed
2572
2573AOT_theorem "RM:2":
2574  assumes  φ  ψ
2575  shows  φ  ψ
2576  using "RM:2[prem]" assms by blast
2577
2578lemmas "RM◇" = "RM:2"
2579
2580AOT_theorem "RM:3[prem]":
2581  assumes Γ  φ  ψ
2582  shows Γ  φ  ψ
2583proof -
2584  AOT_have Γ  φ  ψ and Γ  ψ  φ
2585    using assms "≡E" "→I" by metis+
2586  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2587    using "RM:1[prem]" by metis+
2588  AOT_thus Γ  φ  ψ
2589    by (simp add: "≡I")
2590qed
2591
2592AOT_theorem "RM:3":
2593  assumes  φ  ψ
2594  shows  φ  ψ
2595  using "RM:3[prem]" assms by blast
2596
2597lemmas RE = "RM:3"
2598
2599AOT_theorem "RM:4[prem]":
2600  assumes Γ  φ  ψ
2601  shows Γ  φ  ψ
2602proof -
2603  AOT_have Γ  φ  ψ and Γ  ψ  φ
2604    using assms "≡E" "→I" by metis+
2605  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2606    using "RM:2[prem]" by metis+
2607  AOT_thus Γ  φ  ψ
2608    by (simp add: "≡I")
2609qed
2610
2611AOT_theorem "RM:4":
2612  assumes  φ  ψ
2613  shows  φ  ψ
2614  using "RM:4[prem]" assms by blast
2615
2616lemmas "RE◇" = "RM:4"
2617
2618AOT_theorem "KBasic:1": φ  (ψ  φ)
2619  by (simp add: RM "pl:1"[axiom_inst])
2620
2621AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2622  by (simp add: RM "useful-tautologies:3")
2623
2624AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2625proof (rule "≡I"; rule "→I")
2626  AOT_assume (φ & ψ)
2627  AOT_thus φ & ψ
2628    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2629next
2630  AOT_have φ  (ψ  (φ & ψ))
2631    by (simp add: "RM:1" Adjunction)
2632  AOT_hence φ  (ψ  (φ & ψ))
2633    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2634  moreover AOT_assume φ & ψ
2635  ultimately AOT_show (φ & ψ)
2636    using "→E" "&E" by blast
2637qed
2638
2639AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2640proof -
2641  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2642    by (fact "KBasic:3")
2643  AOT_modally_strict {
2644    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2645      by (fact "conventions:3"[THEN "≡Df"])
2646  }
2647  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2648    by (rule RE)
2649  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2650    using "≡E"(5) by blast
2651qed
2652
2653AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2654proof -
2655  AOT_have (φ  ψ)  (φ  ψ)
2656    by (fact "qml:1"[axiom_inst])
2657  moreover AOT_have (ψ  φ)  (ψ  φ)
2658    by (fact "qml:1"[axiom_inst])
2659  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2660    by (metis "&I" MP "Double Composition")
2661  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2662    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2663  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2664    by (metis "Hypothetical Syllogism")
2665qed
2666
2667AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2668  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2669AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2670proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2671  AOT_assume φ & ψ
2672  AOT_hence φ and ψ using "&E" by blast+
2673  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2674  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2675  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2676next
2677  AOT_assume ¬φ & ¬ψ
2678  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2679  AOT_modally_strict {
2680    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2681      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2682  }
2683  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2684    by (rule RM)
2685  AOT_thus (φ  ψ) using 0 "→E" by blast
2686qed(auto)
2687
2688AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2689  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2690AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2691  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2692AOT_theorem "KBasic:10": φ  ¬¬φ
2693  by (simp add: "RM:3" "oth-class-taut:3:b")
2694AOT_theorem "KBasic:11": ¬φ  ¬φ
2695proof (rule "≡I"; rule "→I")
2696  AOT_show ¬φ if ¬φ
2697    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2698next
2699  AOT_show ¬φ if ¬φ
2700    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2701qed
2702AOT_theorem "KBasic:12": φ  ¬¬φ
2703proof (rule "≡I"; rule "→I")
2704  AOT_show ¬¬φ if φ
2705    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2706next
2707  AOT_show φ if ¬¬φ
2708  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2709qed
2710AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2711proof -
2712  AOT_have φ  ψ  φ  ψ by blast
2713  AOT_hence (φ  ψ)  φ  ψ
2714    using "RM:2[prem]" by blast
2715  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2716qed
2717lemmas "K◇" = "KBasic:13"
2718AOT_theorem "KBasic:14": φ  ¬¬φ
2719  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2720AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2721proof -
2722  AOT_modally_strict {
2723    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2724      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2725  }
2726  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2727    using RM by blast+
2728  AOT_thus (φ  ψ)  (φ  ψ)
2729    by (metis "∨E"(1) "deduction-theorem")
2730qed
2731
2732AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2733  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2734            Importation "→E")
2735
2736AOT_theorem "rule-sub-lem:1:a":
2737  assumes  (ψ  χ)
2738  shows  ¬ψ  ¬χ
2739  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2740        "≡E"(1) "oth-class-taut:4:b" by blast
2741
2742AOT_theorem "rule-sub-lem:1:b":
2743  assumes  (ψ  χ)
2744  shows  (ψ  Θ)  (χ  Θ)
2745  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2746  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2747
2748AOT_theorem "rule-sub-lem:1:c":
2749  assumes  (ψ  χ)
2750  shows  (Θ  ψ)  (Θ  χ)
2751  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2752  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2753
2754AOT_theorem "rule-sub-lem:1:d":
2755  assumes for arbitrary α:  (ψ{α}  χ{α})
2756  shows  α ψ{α}  α χ{α}
2757proof -
2758  AOT_modally_strict {
2759    AOT_have α (ψ{α}  χ{α})
2760      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2761    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2762    AOT_show α ψ{α}  α χ{α}
2763    proof (rule "≡I"; rule "→I")
2764      AOT_assume α ψ{α}
2765      AOT_hence ψ{α} for α using "∀E" by blast
2766      AOT_hence χ{α} for α using 0 "≡E" by blast
2767      AOT_thus α χ{α} by (rule "∀I")
2768    next
2769      AOT_assume α χ{α}
2770      AOT_hence χ{α} for α using "∀E" by blast
2771      AOT_hence ψ{α} for α using 0 "≡E" by blast
2772      AOT_thus α ψ{α} by (rule "∀I")
2773    qed
2774  }
2775qed
2776
2777AOT_theorem "rule-sub-lem:1:e":
2778  assumes  (ψ  χ)
2779  shows   ψ]   χ]
2780  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2781  using "≡E"(1) "propositions-lemma:6" by blast
2782
2783AOT_theorem "rule-sub-lem:1:f":
2784  assumes  (ψ  χ)
2785  shows  𝒜ψ  𝒜χ
2786  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2787  by (metis "Act-Basic:5" "≡E"(1))
2788
2789AOT_theorem "rule-sub-lem:1:g":
2790  assumes  (ψ  χ)
2791  shows  ψ  χ
2792  using "KBasic:6" assms "vdash-properties:6" by blast
2793
2794text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2795     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2796     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2797
2798class AOT_subst =
2799  fixes AOT_subst :: "('a  𝗈)  bool"
2800    and AOT_subst_cond :: "'a  'a  bool"
2801  assumes AOT_subst:
2802    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2803
2804named_theorems AOT_substI
2805
2806instantiation 𝗈 :: AOT_subst
2807begin
2808
2809inductive AOT_subst_𝗈 where
2810  AOT_subst_𝗈_id[AOT_substI]:
2811    AOT_subst_𝗈 (λφ. φ)
2812  | AOT_subst_𝗈_const[AOT_substI]:
2813    AOT_subst_𝗈 (λφ. ψ)
2814  | AOT_subst_𝗈_not[AOT_substI]:
2815    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2816  | AOT_subst_𝗈_imp[AOT_substI]:
2817    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2818  | AOT_subst_𝗈_lambda0[AOT_substI]:
2819    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2820  | AOT_subst_𝗈_act[AOT_substI]:
2821    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2822  | AOT_subst_𝗈_box[AOT_substI]:
2823    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2824  | AOT_subst_𝗈_by_def[AOT_substI]:
2825    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2826      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2827
2828
2829definition AOT_subst_cond_𝗈 where
2830  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2831
2832instance
2833proof
2834  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2835  assume cond: ‹AOT_subst_cond ψ χ
2836  assume ‹AOT_subst φ
2837  moreover AOT_have  ψ  χ
2838    using cond unfolding AOT_subst_cond_𝗈_def by blast
2839  ultimately AOT_show  φ{ψ}  φ{χ}
2840  proof (induct arbitrary: ψ χ)
2841    case AOT_subst_𝗈_id
2842    thus ?case
2843      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2844  next
2845    case (AOT_subst_𝗈_const ψ)
2846    thus ?case
2847      by (simp add: "oth-class-taut:3:a")
2848  next
2849    case (AOT_subst_𝗈_not Θ)
2850    thus ?case
2851      by (simp add: RN "rule-sub-lem:1:a")
2852  next
2853    case (AOT_subst_𝗈_imp Θ Ξ)
2854    thus ?case
2855      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2856  next
2857    case (AOT_subst_𝗈_lambda0 Θ)
2858    thus ?case
2859      by (simp add: RN "rule-sub-lem:1:e")
2860  next
2861    case (AOT_subst_𝗈_act Θ)
2862    thus ?case
2863      by (simp add: RN "rule-sub-lem:1:f")
2864  next
2865    case (AOT_subst_𝗈_box Θ)
2866    thus ?case
2867      by (simp add: RN "rule-sub-lem:1:g")
2868  next
2869    case (AOT_subst_𝗈_by_def Θ Ξ)
2870    AOT_modally_strict {
2871      AOT_have Ξ{ψ}  Ξ{χ}
2872        using AOT_subst_𝗈_by_def by simp
2873      AOT_thus Θ{ψ}  Θ{χ}
2874        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2875              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2876        by (metis "≡E"(6) "oth-class-taut:3:a")
2877    }
2878  qed
2879qed
2880end
2881
2882instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2883begin
2884
2885definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2886  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2887                                                      (ψ (AOT_term_of_var α))
2888
2889inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2890  AOT_subst_fun_const[AOT_substI]:
2891    AOT_subst_fun (λφ. ψ)
2892  | AOT_subst_fun_id[AOT_substI]:
2893    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2894  | AOT_subst_fun_all[AOT_substI]:
2895    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2896     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2897  | AOT_subst_fun_not[AOT_substI]:
2898    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2899  | AOT_subst_fun_imp[AOT_substI]:
2900    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2901  | AOT_subst_fun_lambda0[AOT_substI]:
2902    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2903  | AOT_subst_fun_act[AOT_substI]:
2904    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2905  | AOT_subst_fun_box[AOT_substI]:
2906    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2907  | AOT_subst_fun_def[AOT_substI]:
2908    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2909     AOT_subst_fun Ψ  AOT_subst_fun Θ
2910
2911instance proof
2912  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2913  assume ‹AOT_subst φ
2914  moreover assume cond: ‹AOT_subst_cond ψ χ
2915  ultimately AOT_show  «φ ψ»  «φ χ»
2916  proof(induct)
2917    case (AOT_subst_fun_const ψ)
2918    then show ?case by (simp add: "oth-class-taut:3:a")
2919  next
2920  case (AOT_subst_fun_id Ψ x)
2921  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2922  next
2923  next
2924  case (AOT_subst_fun_all Ψ Θ)
2925  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2926    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2927  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2928    by (simp add: RN "rule-sub-lem:1:d"
2929                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2930  next
2931  case (AOT_subst_fun_not Ψ)
2932  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2933  next
2934  case (AOT_subst_fun_imp Ψ Θ)
2935  then show ?case 
2936    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2937    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2938  next
2939  case (AOT_subst_fun_lambda0 Θ)
2940  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2941  next
2942  case (AOT_subst_fun_act Θ)
2943  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2944  next
2945  case (AOT_subst_fun_box Θ)
2946  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2947  next
2948  case (AOT_subst_fun_def Θ Ψ)
2949  then show ?case
2950    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2951  qed
2952qed
2953end
2954
2955ML2956fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2957  fun findHeadConst (Const x) = SOME x
2958    | findHeadConst (A $ _) = findHeadConst A
2959    | findHeadConst _ = NONE
2960  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2961      = findHeadConst lhs
2962    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2963    | findDef (Abs (_,_,c)) = findDef c
2964    | findDef _ = NONE
2965  val const_opt = (findDef trm)
2966  val defs = case const_opt of SOME const => List.filter (fn thm => let
2967      val concl = Thm.concl_of thm
2968      val thmconst = (findDef concl)
2969      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2970      (AOT_Definitions.get ctxt)
2971      | _ => []
2972  val tac = case defs of
2973            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2974            | _ => resolve_tac ctxt defs 1
2975  in tac end) 1)
2976fun getSubstThm ctxt reversed phi p q = let
2977val p_ty = Term.type_of p
2978val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2979val abs = Syntax.check_term ctxt abs
2980val substThm = Goal.prove ctxt [] [] abs
2981  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2982val substThm = substThm RS @{thm AOT_subst}
2983fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
2984val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
2985fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
2986val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
2987in if reversed then let
2988  val substThm = Drule.instantiate_normalize
2989          (TVars_empty,Vars_make [((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2990          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2991  val substThm = substThm RS @{thm "≡E"(1)}
2992  in substThm end
2993else
2994  let
2995  val substThm = Drule.instantiate_normalize
2996          (TVars_empty,Vars_make [((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2997          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2998  val substThm = substThm RS @{thm "≡E"(2)}
2999  in substThm end end
3000
3001
3002method_setup AOT_subst = 3003Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3004Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
3005Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
3006Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
3007Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
3008>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
3009(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3010  prems = prems, asms = asms, concl = concl, schematics = _} =>
3011let
3012val thms = prems
3013val ctxt' = ctxt
3014val ctxt = Context_Position.set_visible false ctxt
3015val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
3016
3017val ctxt = (fold (fn (bound, ty) => fn ctxt =>
3018  let
3019    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
3020    val ty = Option.map (Syntax.read_typ ctxt) ty
3021    val ctxt = case ty of SOME ty => let
3022        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
3023        val bound = Syntax.check_term ctxt bound
3024      in Variable.declare_term bound ctxt end | _ => ctxt
3025  in ctxt end)) raw_bounds ctxt
3026
3027val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3028val p = Syntax.check_term ctxt p
3029val ctxt = Variable.declare_term p ctxt
3030val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3031val q = Syntax.check_term ctxt q
3032val ctxt = Variable.declare_term q ctxt
3033
3034val bounds = (map (fn (bound, _) =>
3035  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3036)) raw_bounds
3037val p = fold (fn bound => fn p =>
3038  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3039  bounds p
3040val p = Syntax.check_term ctxt p
3041val p_ty = Term.type_of p
3042
3043val pat = @{const Trueprop} $
3044  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3045   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3046val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3047val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
3048val phi = the (Envir.lookup univ
3049  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3050
3051val q = fold (fn bound => fn q =>
3052  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3053val q = Syntax.check_term ctxt q
3054
3055(* Reparse to report bounds as fixes. *)
3056val ctxt = Context_Position.restore_visible ctxt' ctxt
3057val ctxt' = ctxt
3058fun unsource str = fst (Input.source_content (Syntax.read_input str))
3059val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3060  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3061  ctxt'
3062val _ = (map (fn (x,_) =>
3063  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3064  raw_bounds
3065val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3066val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3067val reversed = case reversed of SOME _ => true | _ => false
3068val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3069in
3070resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3071THEN simp_tac (ctxt addsimps simpThms) 1
3072THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3073THEN (TRY (resolve_tac ctxt thms 1))
3074end
3075) ctxt 1))))
3076
3077
3078method_setup AOT_subst_def = 3079Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3080Attrib.thm
3081>> (fn (reversed,fact) => (fn ctxt =>
3082(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3083  prems = prems, asms = asms, concl = concl, schematics = _} =>
3084let
3085val c = Thm.concl_of fact
3086val (lhs, rhs) = case c of (const‹Trueprop› $
3087    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3088  | _ => raise Fail "Definition expected."
3089val substCond = HOLogic.mk_Trueprop
3090  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3091val substCond = Syntax.check_term
3092  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3093  substCond
3094val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3095  @{thm AOT_subst_cond_fun_def},
3096  fact RS @{thm "≡Df"}]
3097val substCondThm = Goal.prove ctxt [] [] substCond
3098  (fn {context=ctxt, prems=prems} =>
3099      (SUBGOAL (fn (trm,int) =>
3100        auto_tac (ctxt addsimps simpThms)) 1))
3101val substThm = substCondThm RSN (2,@{thm AOT_subst})
3102in
3103resolve_tac ctxt [substThm RS
3104  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3105THEN prove_AOT_subst_tac ctxt
3106THEN (TRY (resolve_tac ctxt prems 1))
3107end
3108) ctxt 1))))
3109
3110
3111method_setup AOT_subst_thm = 3112Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3113Attrib.thm
3114>> (fn (reversed,fact) => (fn ctxt =>
3115(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3116  prems = prems, asms = asms, concl = concl, schematics = _} =>
3117let
3118val c = Thm.concl_of fact
3119val (lhs, rhs) = case c of
3120  (const‹Trueprop› $
3121   (const‹AOT_model_valid_in› $ _ $
3122    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3123  | _ => raise Fail "Equivalence expected."
3124
3125val substCond = HOLogic.mk_Trueprop
3126  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3127val substCond = Syntax.check_term
3128  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3129  substCond
3130val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3131  @{thm AOT_subst_cond_fun_def},
3132  fact]
3133val substCondThm = Goal.prove ctxt [] [] substCond
3134  (fn {context=ctxt, prems=prems} =>
3135      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3136val substThm = substCondThm RSN (2,@{thm AOT_subst})
3137in
3138resolve_tac ctxt [substThm RS
3139  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3140THEN prove_AOT_subst_tac ctxt
3141THEN (TRY (resolve_tac ctxt prems 1))
3142end
3143) ctxt 1))))
3144
3145
3146AOT_theorem "rule-sub-remark:1[1]":
3147  assumes  A!x  ¬E!x and ¬A!x
3148  shows ¬¬E!x
3149  by (AOT_subst (reverse) ¬E!x A!x)
3150     (auto simp: assms) 
3151
3152AOT_theorem "rule-sub-remark:1[2]":
3153  assumes  A!x  ¬E!x and  ¬¬E!x
3154  shows ¬A!x
3155  by (AOT_subst A!x ¬E!x)
3156     (auto simp: assms)
3157
3158AOT_theorem "rule-sub-remark:2[1]":
3159  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3160      and p  [R]xy
3161  shows p  [R]xy & ([Q]a  ¬[Q]a)
3162  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3163
3164AOT_theorem "rule-sub-remark:2[2]":
3165  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3166      and p  [R]xy & ([Q]a  ¬[Q]a)
3167  shows p  [R]xy
3168  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3169
3170AOT_theorem "rule-sub-remark:3[1]":
3171  assumes for arbitrary x:  A!x  ¬E!x
3172      and x A!x
3173    shows x ¬E!x
3174  by (AOT_subst (reverse) ¬E!x A!x for: x)
3175     (auto simp: assms)
3176
3177AOT_theorem "rule-sub-remark:3[2]":
3178  assumes for arbitrary x:  A!x  ¬E!x
3179      and x ¬E!x
3180    shows x A!x
3181  by (AOT_subst A!x ¬E!x for: x)
3182     (auto simp: assms)
3183
3184AOT_theorem "rule-sub-remark:4[1]":
3185  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3186  shows 𝒜[P]x
3187  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3188
3189AOT_theorem "rule-sub-remark:4[2]":
3190  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3191  shows 𝒜¬¬[P]x
3192  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3193
3194AOT_theorem "rule-sub-remark:5[1]":
3195  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3196  shows (¬ψ  ¬φ)
3197  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3198
3199AOT_theorem "rule-sub-remark:5[2]":
3200  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3201  shows (φ  ψ) 
3202  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3203
3204AOT_theorem "rule-sub-remark:6[1]":
3205  assumes  ψ  χ and (φ  ψ)
3206  shows (φ  χ) 
3207  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3208
3209AOT_theorem "rule-sub-remark:6[2]":
3210  assumes  ψ  χ and (φ  χ)
3211  shows (φ  ψ)
3212  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3213
3214AOT_theorem "rule-sub-remark:7[1]":
3215  assumes  φ  ¬¬φ and (φ  φ)
3216  shows (¬¬φ  φ) 
3217  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3218
3219AOT_theorem "rule-sub-remark:7[2]":
3220  assumes  φ  ¬¬φ and (¬¬φ  φ)
3221  shows (φ  φ)
3222  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3223
3224AOT_theorem "KBasic2:1": ¬φ  ¬φ
3225  by (meson "conventions:5" "contraposition:2"
3226            "Hypothetical Syllogism" "df-rules-formulas[3]"
3227            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3228
3229AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3230proof -
3231  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3232    by (simp add: "RE◇" "oth-class-taut:5:b")
3233  also AOT_have   ¬(¬φ & ¬ψ)
3234    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3235  also AOT_have   ¬(¬φ & ¬ψ)
3236    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3237  also AOT_have   ¬(¬φ & ¬ψ)
3238    using "KBasic2:1"
3239    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3240        auto simp: "oth-class-taut:3:a")
3241  also AOT_have   ¬¬(φ  ψ)
3242    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3243  also AOT_have   φ  ψ
3244    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3245  finally show ?thesis .
3246qed
3247
3248AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3249  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3250            "→I" "modus-tollens:1" "reductio-aa:1")
3251
3252AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3253proof -
3254  AOT_have (φ  ψ)  (¬φ  ψ)
3255    by (AOT_subst φ  ψ ¬φ  ψ)
3256       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3257  also AOT_have ...  ¬φ  ψ
3258    by (simp add: "KBasic2:2")
3259  also AOT_have ...  ¬φ  ψ
3260    by (AOT_subst ¬φ ¬φ)
3261       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3262  also AOT_have ...  φ  ψ
3263    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3264  finally show ?thesis .
3265qed
3266
3267AOT_theorem "KBasic2:5": φ  ¬¬φ
3268  using "conventions:5"[THEN "≡Df"]
3269  by (AOT_subst φ ¬¬φ;
3270      AOT_subst ¬¬φ ¬¬¬¬φ;
3271      AOT_subst (reverse) ¬¬¬φ ¬φ)
3272     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3273
3274
3275AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3276proof(rule "→I"; rule "raa-cor:1")
3277  AOT_assume (φ  ψ)
3278  AOT_hence (¬φ  ψ)
3279    using "conventions:2"[THEN "≡Df"]
3280    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3281  AOT_hence 1: ¬φ  ψ
3282    using "KBasic:13" "vdash-properties:10" by blast
3283  AOT_assume ¬(φ  ψ)
3284  AOT_hence ¬φ and ¬ψ
3285    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3286  AOT_thus ψ & ¬ψ
3287    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3288qed
3289
3290AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3291proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3292  AOT_assume (φ  ψ)
3293  AOT_hence 1: φ  ψ
3294    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3295  AOT_assume ¬φ
3296  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3297  AOT_thus ψ using 1 "∨E"(2) by blast
3298qed
3299
3300AOT_theorem "T-S5-fund:1": φ  φ
3301  by (meson "≡dfI" "conventions:5" "contraposition:2"
3302            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3303lemmas "T◇" = "T-S5-fund:1"
3304
3305AOT_theorem "T-S5-fund:2": φ  φ
3306proof(rule "→I")
3307  AOT_assume φ
3308  AOT_hence ¬¬φ
3309    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3310  moreover AOT_have ¬φ  ¬φ
3311    by (fact "qml:3"[axiom_inst])
3312  ultimately AOT_have ¬¬φ
3313    using "modus-tollens:1" by blast
3314  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3315qed
3316lemmas "5◇" = "T-S5-fund:2"
3317
3318AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3319  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3320     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3321
3322AOT_theorem "Act-Sub:2": φ  𝒜φ
3323  using "conventions:5"[THEN "≡Df"]
3324  by (AOT_subst φ ¬¬φ)
3325     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3326            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3327
3328AOT_theorem "Act-Sub:3": 𝒜φ  φ
3329  using "conventions:5"[THEN "≡Df"]
3330  by (AOT_subst φ ¬¬φ)
3331     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3332
3333AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3334proof (rule "≡I"; rule "→I")
3335  AOT_assume 𝒜φ
3336  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3337next
3338  AOT_assume 𝒜φ
3339  AOT_hence ¬¬𝒜φ
3340    using "≡dfE" "conventions:5" by blast
3341  AOT_hence ¬𝒜¬φ
3342    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3343       (simp add: "logic-actual-nec:1"[axiom_inst])
3344  AOT_thus 𝒜φ
3345    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3346          "reductio-aa:1" by blast
3347qed
3348
3349AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3350  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3351
3352AOT_theorem "S5Basic:1": φ  φ
3353  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3354
3355AOT_theorem "S5Basic:2": φ  φ
3356  by (simp add: "T◇" "5◇" "≡I")
3357
3358AOT_theorem "S5Basic:3": φ  φ
3359  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3360lemmas "B" = "S5Basic:3"
3361
3362AOT_theorem "S5Basic:4": φ  φ
3363  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3364lemmas "B◇" = "S5Basic:4"
3365
3366AOT_theorem "S5Basic:5": φ  φ
3367  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3368lemmas "4" = "S5Basic:5"
3369
3370AOT_theorem "S5Basic:6": φ  φ
3371  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3372
3373AOT_theorem "S5Basic:7": φ  φ
3374  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3375  by (AOT_subst φ ¬¬φ;
3376      AOT_subst φ ¬¬φ;
3377      AOT_subst (reverse) ¬¬¬φ ¬φ;
3378      AOT_subst (reverse) ¬φ ¬φ)
3379     (auto simp: "S5Basic:6" "if-p-then-p")
3380
3381lemmas "4◇" = "S5Basic:7"
3382
3383AOT_theorem "S5Basic:8": φ  φ
3384  by (simp add: "4◇" "T◇" "≡I")
3385
3386AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3387  apply (rule "≡I"; rule "→I")
3388  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3389   apply blast
3390  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3391            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3392
3393AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3394(* Note: nicely this proof is entirely sledgehammer generated *)
3395proof(rule "≡I"; rule "→I")
3396  AOT_assume (φ  ψ)
3397  AOT_hence φ  ψ
3398    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3399  AOT_thus φ  ψ
3400    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3401next
3402  AOT_assume φ  ψ
3403  AOT_hence φ  ψ
3404    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3405  AOT_thus (φ  ψ)
3406    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3407qed
3408
3409AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3410proof -
3411  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3412    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3413       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3414  also AOT_have   ¬(¬φ  ¬ψ)
3415    by (AOT_subst ¬ψ ¬ψ)
3416       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3417  also AOT_have   ¬(¬φ  ¬ψ)
3418    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3419  also AOT_have   ¬(¬φ  ¬ψ)
3420    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3421  also AOT_have   ¬(¬φ  ¬ψ)
3422    using "KBasic2:1"
3423    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3424       (auto simp:  "oth-class-taut:3:a")
3425  also AOT_have   φ & ψ
3426    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3427  finally show ?thesis .
3428qed
3429
3430AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3431proof (rule "≡I"; rule "→I")
3432  AOT_assume (φ & ψ)
3433  AOT_hence φ & ψ
3434    using "KBasic2:3" "vdash-properties:6" by blast
3435  AOT_thus φ & ψ
3436    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3437next
3438  AOT_assume φ & ψ
3439  moreover AOT_have (ψ & φ)  (φ & ψ)
3440    by (AOT_subst φ & ψ ψ & φ)
3441       (auto simp: "Commutativity of &" "KBasic:16")
3442  ultimately AOT_show (φ & ψ)
3443    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3444qed
3445
3446AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3447proof (rule "≡I")
3448  AOT_modally_strict {
3449    AOT_have (φ  ψ)  (φ  ψ)
3450      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3451  }
3452  AOT_hence (φ  ψ)  (φ  ψ)
3453    by (rule RM)
3454  AOT_thus  (φ  ψ)  (φ  ψ)
3455    using "4" "Hypothetical Syllogism" by blast
3456next
3457  AOT_modally_strict {
3458    AOT_have (φ  ψ)  (φ  ψ)
3459      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3460  }
3461  AOT_hence  (φ  ψ)  (φ  ψ)
3462    by (rule RM)
3463  AOT_thus (φ  ψ)  (φ  ψ)
3464    using "4" "Hypothetical Syllogism" by blast
3465qed
3466
3467AOT_theorem "derived-S5-rules:1":
3468  assumes Γ  φ  ψ
3469  shows Γ  φ  ψ
3470proof -
3471  AOT_have Γ  φ  ψ
3472    using assms by (rule "RM:1[prem]")
3473  AOT_thus Γ  φ  ψ
3474    using "B" "Hypothetical Syllogism" by blast
3475qed
3476
3477AOT_theorem "derived-S5-rules:2":
3478  assumes Γ  φ  ψ
3479  shows Γ  φ  ψ
3480proof -
3481  AOT_have Γ  φ  ψ
3482    using assms by (rule "RM:2[prem]")
3483  AOT_thus Γ  φ  ψ
3484    using "B◇" "Hypothetical Syllogism" by blast
3485qed
3486
3487AOT_theorem "BFs:1": α φ{α}  α φ{α}
3488proof -
3489  AOT_modally_strict {
3490    AOT_have α φ{α}  φ{α} for α
3491      using "cqt-orig:3" by (rule "RM◇")
3492    AOT_hence α φ{α}  α φ{α}
3493      using "B◇" "∀I" "→E" "→I" by metis
3494  }
3495  thus ?thesis
3496    using "derived-S5-rules:1" by blast
3497qed
3498lemmas "BF" = "BFs:1"
3499
3500AOT_theorem "BFs:2": α φ{α}  α φ{α}
3501proof -
3502  AOT_have α φ{α}  φ{α} for α
3503    using RM "cqt-orig:3" by metis
3504  thus ?thesis
3505    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3506qed
3507lemmas "CBF" = "BFs:2"
3508
3509AOT_theorem "BFs:3": α φ{α}  α φ{α}
3510proof(rule "→I")
3511  AOT_modally_strict {
3512    AOT_have α ¬φ{α}  α ¬φ{α}
3513      using BF CBF "≡I" by blast
3514  } note θ = this
3515
3516  AOT_assume α φ{α}
3517  AOT_hence ¬¬(α φ{α})
3518    using "≡dfE" "conventions:5" by blast
3519  AOT_hence ¬α ¬φ{α}
3520    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3521    using "≡dfI" "conventions:3" "conventions:4" "&I"
3522          "contraposition:2" "cqt-further:4"
3523          "df-rules-formulas[3]" by blast
3524  AOT_hence ¬α ¬φ{α}
3525    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3526    using θ by blast
3527  AOT_hence ¬α ¬¬¬φ{α}
3528    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3529       (simp add: "oth-class-taut:3:b")
3530  AOT_hence α ¬¬φ{α}
3531    by (rule "conventions:4"[THEN "≡dfI"])
3532  AOT_thus α φ{α}
3533    using "conventions:5"[THEN "≡Df"]
3534    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3535qed
3536lemmas "BF◇" = "BFs:3"
3537
3538AOT_theorem "BFs:4": α φ{α}  α φ{α}
3539proof(rule "→I")
3540  AOT_assume α φ{α}
3541  AOT_hence ¬α ¬φ{α}
3542    using "conventions:4"[THEN "≡dfE"] by blast
3543  AOT_hence ¬α ¬φ{α}
3544    using "KBasic2:1"
3545    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3546  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3547    using "≡I" "BF" "CBF" by metis
3548  ultimately AOT_have 1: ¬α ¬φ{α}
3549    using "≡E"(3) by blast
3550  AOT_show α φ{α}
3551    apply (rule "conventions:5"[THEN "≡dfI"])
3552    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3553     apply (simp add: "conventions:4" "≡Df")
3554    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3555    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3556qed
3557lemmas "CBF◇" = "BFs:4"
3558
3559AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3560proof(rule "→I")
3561  AOT_assume α φ{α}
3562  then AOT_obtain α where φ{α} using "∃E" by metis
3563  moreover AOT_have α
3564    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3565  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3566  proof -
3567    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3568    AOT_thus φ{τ}, τ  α φ{α}
3569      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3570  qed
3571  ultimately AOT_show α φ{α} by blast
3572qed
3573lemmas Buridan = "sign-S5-thm:1"
3574
3575AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3576proof -
3577  AOT_have α (α φ{α}  φ{α})
3578    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3579  AOT_thus α φ{α}  α φ{α}
3580    using "∀E"(4) "∀I" "→E" "→I" by metis
3581qed
3582lemmas "Buridan◇" = "sign-S5-thm:2"
3583
3584AOT_theorem "sign-S5-thm:3":
3585  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3586  apply (rule "RM:2")
3587  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3588
3589AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3590  apply (rule "RM:2")
3591  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3592
3593AOT_theorem "sign-S5-thm:5":
3594  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3595proof -
3596  {
3597    fix φ' ψ' χ'
3598    AOT_assume  φ' & ψ'  χ'
3599    AOT_hence φ' & ψ'  χ'
3600      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3601      using "&E" "&I" "→E" "→I" by metis
3602  } note R = this
3603  show ?thesis by (rule R; fact AOT)
3604qed
3605
3606AOT_theorem "sign-S5-thm:6":
3607  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3608proof -
3609  {
3610    fix φ' ψ' χ'
3611    AOT_assume  φ' & ψ'  χ'
3612    AOT_hence φ' & ψ'  χ'
3613      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3614      using "&E" "&I" "→E" "→I" by metis
3615  } note R = this
3616  show ?thesis by (rule R; fact AOT)
3617qed
3618
3619AOT_theorem "exist-nec2:1": τ  τ
3620  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3621
3622AOT_theorem "exists-nec2:2": τ  τ
3623  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3624            "exist-nec2:1" "≡I" "nec-imp-act")
3625
3626AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3627  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3628
3629AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3630  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3631            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3632
3633AOT_theorem "id-nec2:1": α = β  α = β
3634  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3635
3636AOT_theorem "id-nec2:2": α  β  α  β
3637  apply (AOT_subst α  β ¬(α = β))
3638  using "=-infix"[THEN "≡Df"] apply blast
3639  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3640
3641AOT_theorem "id-nec2:3": α  β  α  β
3642  apply (AOT_subst α  β ¬(α = β))
3643  using "=-infix"[THEN "≡Df"] apply blast
3644  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3645
3646AOT_theorem "id-nec2:4": α = β  α = β
3647  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3648
3649AOT_theorem "id-nec2:5": α  β  α  β
3650  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3651
3652AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3653  apply (rule "≡I"; rule "→I")
3654  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3655  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3656            "raa-cor:5" "→E")
3657
3658AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3659  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3660            "nec-imp-act" "raa-cor:2" "→E")
3661
3662AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3663proof (rule "→I"; rule "≡I"; rule "→I")
3664  AOT_assume (φ  φ)
3665  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3666  moreover AOT_assume ¬φ
3667  ultimately AOT_have ¬φ
3668    using "modus-tollens:1" by blast
3669  AOT_thus ¬φ
3670    using "KBasic2:1" "≡E"(2) by blast
3671next
3672  AOT_assume (φ  φ)
3673  moreover AOT_assume ¬φ
3674  ultimately AOT_show ¬φ
3675    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3676qed
3677
3678AOT_theorem "sc-eq-box-box:4":
3679  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3680proof(rule "→I"; rule "→I")
3681  AOT_assume θ: (φ  φ) & (ψ  ψ)
3682  AOT_assume ξ: φ  ψ
3683  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3684    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3685  moreover {
3686    AOT_assume φ & ψ
3687    AOT_hence (φ  ψ)
3688      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3689  }
3690  moreover {
3691    AOT_assume ¬φ & ¬ψ
3692    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3693      using θ "Conjunction Simplification"(1,2)
3694            "sc-eq-box-box:3" "→E" by metis+
3695    ultimately AOT_have ¬φ & ¬ψ
3696      by (metis "&I" "Conjunction Simplification"(1,2)
3697                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3698    AOT_hence (φ  ψ)
3699      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3700  }
3701  ultimately AOT_show (φ  ψ)
3702    using "∨E"(2) "reductio-aa:1" by blast
3703qed
3704
3705AOT_theorem "sc-eq-box-box:5":
3706  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3707proof (rule "→I")
3708  AOT_assume ((φ  φ) & (ψ  ψ))
3709  AOT_hence ((φ  φ) & (ψ  ψ))
3710    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3711  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3712  proof (rule RM; rule "→I"; rule "→I")
3713    AOT_modally_strict {
3714      AOT_assume A: ((φ  φ) & (ψ  ψ))
3715      AOT_hence φ  φ and ψ  ψ
3716        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3717      moreover AOT_assume φ  ψ
3718      ultimately AOT_have φ  ψ
3719        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3720      moreover AOT_have (φ  ψ)  (φ  ψ)
3721        using A "sc-eq-box-box:4" "→E" by blast
3722      ultimately AOT_show (φ  ψ) using "→E" by blast
3723    }
3724  qed
3725  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3726qed
3727
3728AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3729proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3730  AOT_assume ¬(φ  ψ)
3731  AOT_hence ¬(φ  ψ)
3732    by (metis "KBasic:11" "≡E"(1))
3733  AOT_hence (φ & ¬ψ)
3734    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3735       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3736  AOT_hence φ and 2: ¬ψ
3737    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3738  moreover AOT_assume (φ  φ)
3739  ultimately AOT_have φ
3740    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3741  AOT_hence φ
3742    using "qml:2"[axiom_inst, THEN "→E"] by blast
3743  moreover AOT_assume φ  ψ
3744  ultimately AOT_have ψ
3745    using "→E" by blast
3746  moreover AOT_have ¬ψ
3747    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3748  ultimately AOT_show ψ & ¬ψ
3749    using "&I" by blast
3750qed
3751
3752AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3753proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3754  AOT_assume ¬𝒜(φ  ψ)
3755  AOT_hence 𝒜¬(φ  ψ)
3756    by (metis "Act-Basic:1" "∨E"(2))
3757  AOT_hence 𝒜(φ & ¬ψ)
3758    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3759       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3760  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3761    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3762  AOT_hence φ
3763    by (metis "Act-Sub:3" "→E")
3764  moreover AOT_assume (φ  φ)
3765  ultimately AOT_have φ
3766    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3767  AOT_hence φ
3768    using "qml:2"[axiom_inst, THEN "→E"] by blast
3769  moreover AOT_assume φ  𝒜ψ
3770  ultimately AOT_have 𝒜ψ
3771    using "→E" by blast
3772  moreover AOT_have ¬𝒜ψ
3773    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3774  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3775    using "&I" by blast
3776qed
3777
3778AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3779  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3780
3781AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3782  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3783            "→I" "≡I" "nec-imp-act")
3784
3785AOT_theorem "sc-eq-fur:3":
3786  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3787proof (rule "→I"; rule "→I")
3788  AOT_assume x (φ{x}  φ{x})
3789  AOT_hence A: x (φ{x}  φ{x})
3790    using CBF "→E" by blast
3791  AOT_assume ∃!x φ{x}
3792  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3793    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3794  moreover AOT_have φ{a}
3795    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3796  AOT_hence 𝒜φ{a}
3797    using "nec-imp-act" "→E" by blast
3798  moreover AOT_have y (𝒜φ{y}  y = a)
3799  proof (rule "∀I"; rule "→I")
3800    fix b
3801    AOT_assume 𝒜φ{b}
3802    AOT_hence φ{b}
3803      using "Act-Sub:3" "→E" by blast
3804    moreover {
3805      AOT_have (φ{b}  φ{b})
3806        using A "∀E"(2) by blast
3807      AOT_hence φ{b}  φ{b}
3808        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3809    }
3810    ultimately AOT_have φ{b}
3811      using "→E" by blast
3812    AOT_hence φ{b}
3813      using "qml:2"[axiom_inst] "→E" by blast
3814    AOT_thus b = a
3815      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3816  qed
3817  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3818    using "&I" by blast
3819  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3820    using "∃I" by fast
3821  AOT_hence ∃!x 𝒜φ{x}
3822    using "uniqueness:1"[THEN "≡dfI"] by fast
3823  AOT_thus ιx φ{x}
3824    using "actual-desc:1"[THEN "≡E"(2)] by blast
3825qed
3826
3827AOT_theorem "sc-eq-fur:4":
3828x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3829proof (rule "→I")
3830  AOT_assume x (φ{x}  φ{x})
3831  AOT_hence x (φ{x}  φ{x})
3832    using CBF "→E" by blast
3833  AOT_hence A: 𝒜φ{α}  φ{α} for α
3834    using "sc-eq-fur:2" "∀E" "→E" by fast
3835  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3836  proof (rule "≡I"; rule "→I")
3837    AOT_assume x = ιx φ{x}
3838    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3839      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3840    AOT_show φ{x} & z (φ{z}  z = x)
3841    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3842      AOT_show φ{x}
3843        using A B[THEN "&E"(1)] "≡E"(1) by blast
3844    next
3845      AOT_show z = x if φ{z} for z
3846        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3847    qed
3848  next
3849    AOT_assume B: φ{x} & z (φ{z}  z = x)
3850    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3851    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3852      AOT_show 𝒜φ{x}
3853        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3854    next
3855      AOT_show b = x if 𝒜φ{b} for b
3856        using A[THEN "≡E"(1)] that
3857              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3858    qed
3859    AOT_thus x = ιx φ{x}
3860      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3861  qed
3862qed
3863
3864AOT_theorem "id-act:1": α = β  𝒜α = β
3865  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3866            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3867
3868AOT_theorem "id-act:2": α  β  𝒜α  β
3869proof (AOT_subst α  β ¬(α = β))
3870  AOT_modally_strict {
3871    AOT_show α  β  ¬(α = β)
3872      by (simp add: "=-infix" "≡Df")
3873  }
3874next
3875  AOT_show ¬(α = β)  𝒜¬(α = β)
3876  proof (safe intro!: "≡I" "→I")
3877    AOT_assume ¬α = β
3878    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3879    AOT_thus 𝒜¬α = β
3880      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3881  next
3882    AOT_assume 𝒜¬α = β
3883    AOT_hence ¬𝒜α = β
3884      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3885    AOT_thus ¬α = β
3886      using "id-act:1" "≡E"(4) by blast
3887  qed
3888qed
3889
3890AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3891proof -
3892  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3893    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3894       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3895  also AOT_have   α 𝒜β (φ{β}  β = α)
3896    by (simp add: "Act-Basic:10")
3897  also AOT_have   αβ 𝒜(φ{β}  β = α)
3898    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3899       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3900  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3901    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3902                            𝒜(φ{β}  β = α) for: α β :: 'a)
3903       (auto simp: "Act-Basic:5" "cqt-further:7")
3904  also AOT_have   αβ (𝒜φ{β}  β = α)
3905    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3906       (auto simp: "id-act:1" "cqt-further:7")
3907  also AOT_have ...  ∃!α 𝒜φ{α}
3908    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3909  finally show ?thesis.
3910qed
3911
3912AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3913  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3914     (auto simp: "actual-desc:1" "A-Exists:1")
3915
3916AOT_theorem "id-act-desc:1": ιx (x = y)
3917proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3918  AOT_show x E!x  E!x]ιx (x = y)
3919  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3920         rule "∃I"; (rule "&I")+)
3921    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3922  next
3923    AOT_show z (𝒜z = y  z = y)
3924      apply (rule "∀I")
3925      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3926  next
3927    AOT_show x E!x  E!x]y
3928    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3929      AOT_show x E!x  E!x]
3930        by "cqt:2[lambda]"
3931    next
3932      AOT_show E!y  E!y 
3933        by (simp add: "if-p-then-p")
3934    qed
3935  qed
3936next
3937  AOT_show x E!x  E!x]
3938    by "cqt:2[lambda]"
3939qed
3940
3941AOT_theorem "id-act-desc:2": y = ιx (x = y)
3942  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3943      rule "∀I"; rule "id-act:1"[symmetric])
3944
3945AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3946  by (simp add: encoding "vdash-properties:1[2]")
3947
3948AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3949proof (rule "→I")
3950  AOT_assume x1x2[F]
3951  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3952    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3953  moreover AOT_have y [F]yx2] by "cqt:2"
3954  moreover AOT_have y [F]x1y] by "cqt:2"
3955  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3956    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3957  note A = this
3958  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3959    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3960  AOT_thus x1x2[F]
3961    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3962                                THEN "KBasic:6"[THEN "→E"],
3963                                THEN "≡E"(2)])
3964qed
3965
3966AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3967proof (rule "→I")
3968  AOT_assume x1x2x3[F]
3969  AOT_hence x1y [F]yx2x3]
3970        and x2y [F]x1yx3]
3971        and x3y [F]x1x2y]
3972    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3973  moreover AOT_have y [F]yx2x3] by "cqt:2"
3974  moreover AOT_have y [F]x1yx3] by "cqt:2"
3975  moreover AOT_have y [F]x1x2y] by "cqt:2"
3976  ultimately AOT_have x1y [F]yx2x3]
3977                  and x2y [F]x1yx3]
3978                  and x3y [F]x1x2y]
3979    using encoding[axiom_inst, unvarify F] "→E" by blast+
3980  note A = this
3981  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3982    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3983  AOT_thus x1x2x3[F]
3984    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3985                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3986qed
3987
3988AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3989proof (rule "→I")
3990  AOT_assume x1x2x3x4[F]
3991  AOT_hence x1y [F]yx2x3x4]
3992        and x2y [F]x1yx3x4]
3993        and x3y [F]x1x2yx4]
3994        and x4y [F]x1x2x3y]
3995    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3996  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3997  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3998  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3999  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
4000  ultimately AOT_have x1y [F]yx2x3x4]
4001                  and x2y [F]x1yx3x4]
4002                  and x3y [F]x1x2yx4]
4003                  and x4y [F]x1x2x3y]
4004    using "→E" encoding[axiom_inst, unvarify F] by blast+
4005  note A = this
4006  AOT_have B: (x1y [F]yx2x3x4] &
4007                  x2y [F]x1yx3x4] &
4008                  x3y [F]x1x2yx4] &
4009                  x4y [F]x1x2x3y])
4010    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
4011  AOT_thus x1x2x3x4[F]
4012    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
4013              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
4014qed
4015
4016AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
4017proof (rule "→I"; rule "raa-cor:1")
4018  AOT_assume ¬¬x1[F]
4019  AOT_hence x1[F]
4020    by (rule "conventions:5"[THEN "≡dfI"])
4021  AOT_hence x1[F]
4022    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
4023              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4024  moreover AOT_assume ¬x1[F]
4025  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
4026qed
4027AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4028proof (rule "→I"; rule "raa-cor:1")
4029  AOT_assume ¬¬x1x2[F]
4030  AOT_hence x1x2[F]
4031    by (rule "conventions:5"[THEN "≡dfI"])
4032  AOT_hence x1x2[F]
4033    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4034              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4035  moreover AOT_assume ¬x1x2[F]
4036  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4037qed
4038
4039AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4040proof (rule "→I"; rule "raa-cor:1")
4041  AOT_assume ¬¬x1x2x3[F]
4042  AOT_hence x1x2x3[F]
4043    by (rule "conventions:5"[THEN "≡dfI"])
4044  AOT_hence x1x2x3[F]
4045    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4046              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4047  moreover AOT_assume ¬x1x2x3[F]
4048  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4049qed
4050
4051AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4052proof (rule "→I"; rule "raa-cor:1")
4053  AOT_assume ¬¬x1x2x3x4[F]
4054  AOT_hence x1x2x3x4[F]
4055    by (rule "conventions:5"[THEN "≡dfI"])
4056  AOT_hence x1x2x3x4[F]
4057    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4058                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4059  moreover AOT_assume ¬x1x2x3x4[F]
4060  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4061qed
4062
4063AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4064  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4065AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4066  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4067AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4068  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4069AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4070  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4071
4072AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4073  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4074AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4075  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4076AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4077  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4078AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4079  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4080
4081AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4082  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4083AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4084  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4085AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4086  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4087AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4088  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4089
4090AOT_theorem "en-eq:4[1]":
4091  (x1[F]  y1[G])  (x1[F]  y1[G])
4092  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4093  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4094AOT_theorem "en-eq:4[2]":
4095  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4096  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4097  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4098AOT_theorem "en-eq:4[3]":
4099  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4100  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4101  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4102AOT_theorem "en-eq:4[4]":
4103  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4104  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4105  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4106
4107AOT_theorem "en-eq:5[1]":
4108  (x1[F]  y1[G])  (x1[F]  y1[G])
4109  apply (rule "≡I"; rule "→I")
4110  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4111   apply blast
4112  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4113        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4114  by blast
4115AOT_theorem "en-eq:5[2]":
4116  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4117  apply (rule "≡I"; rule "→I")
4118  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4119   apply blast
4120  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4121        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4122  by blast
4123AOT_theorem "en-eq:5[3]":
4124  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4125  apply (rule "≡I"; rule "→I")
4126  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4127   apply blast
4128  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4129        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4130  by blast
4131AOT_theorem "en-eq:5[4]":
4132  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4133  apply (rule "≡I"; rule "→I")
4134  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4135   apply blast
4136  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4137        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4138  by blast
4139
4140AOT_theorem "en-eq:6[1]":
4141  (x1[F]  y1[G])  (x1[F]  y1[G])
4142  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4143AOT_theorem "en-eq:6[2]":
4144  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4145  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4146AOT_theorem "en-eq:6[3]":
4147  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4148  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4149AOT_theorem "en-eq:6[4]":
4150  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4151  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4152
4153AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4154  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4155AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4156  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4157AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4158  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4159AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4160  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4161
4162AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4163  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4164        "KBasic:11" "≡E"(5)[symmetric] by blast
4165AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4166  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4167        "KBasic:11" "≡E"(5)[symmetric] by blast
4168AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4169  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4170        "KBasic:11" "≡E"(5)[symmetric] by blast
4171AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4172  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4173        "KBasic:11" "≡E"(5)[symmetric] by blast
4174
4175AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4176  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4177AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4178  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4179AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4180  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4181AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4182  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4183
4184AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4185  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4186            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4187AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4188  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4189            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4190AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4191  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4192            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4193AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4194  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4195            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4196
4197AOT_theorem "oa-facts:1": O!x  O!x
4198proof(rule "→I")
4199  AOT_modally_strict {
4200    AOT_have x E!x]x  E!x
4201      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4202  } note θ = this
4203  AOT_assume O!x
4204  AOT_hence x E!x]x
4205    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4206  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4207  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4208  AOT_hence x E!x]x
4209    by (AOT_subst x E!x]x E!x)
4210       (auto simp: θ)
4211  AOT_thus O!x
4212    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4213qed
4214
4215AOT_theorem "oa-facts:2": A!x  A!x
4216proof(rule "→I")
4217  AOT_modally_strict {
4218    AOT_have x ¬E!x]x  ¬E!x
4219      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4220  } note θ = this
4221  AOT_assume A!x
4222  AOT_hence x ¬E!x]x
4223    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4224  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4225  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4226  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4227  AOT_hence ¬E!x
4228    using "KBasic2:1"
4229    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4230  AOT_hence x ¬E!x]x
4231    by (AOT_subst x ¬E!x]x ¬E!x)
4232       (auto simp: θ)
4233  AOT_thus A!x
4234    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4235qed
4236
4237AOT_theorem "oa-facts:3": O!x  O!x
4238  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4239AOT_theorem "oa-facts:4": A!x  A!x
4240  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4241
4242AOT_theorem "oa-facts:5": O!x  O!x
4243  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4244            "oa-facts:1" "oa-facts:3")
4245
4246AOT_theorem "oa-facts:6": A!x  A!x
4247  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4248            "oa-facts:2" "oa-facts:4")
4249
4250AOT_theorem "oa-facts:7": O!x  𝒜O!x
4251  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4252            "oa-facts:1" "oa-facts:3")
4253
4254AOT_theorem "oa-facts:8": A!x  𝒜A!x
4255  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4256            "oa-facts:2" "oa-facts:4")
4257
4258subsection‹The Theory of Relations›
4259text‹\label{PLM: 9.10}›
4260
4261AOT_theorem "beta-C-meta":
4262  μ1...μn φ{μ1...μn, ν1...νn}] 
4263   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4264  using "lambda-predicates:2"[axiom_inst] by blast
4265
4266AOT_theorem "beta-C-cor:1":
4267  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4268   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4269  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4270  using "beta-C-meta" "∀I" by fast
4271
4272AOT_theorem "beta-C-cor:2":
4273  μ1...μn φ{μ1...μn}] 
4274   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4275  apply (rule "→I"; rule "∀I")
4276  using "beta-C-meta"[THEN "→E"] by fast
4277
4278(* TODO: syntax *)
4279theorem "beta-C-cor:3":
4280  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4281  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4282                         φ{ν1...νn, ν1...νn})]
4283  using "cqt:2[lambda]"[axiom_inst, OF assms]
4284        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4285
4286AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4287proof -
4288  AOT_modally_strict {
4289    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4290    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4291      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4292    ultimately AOT_show φ{κ1...κn}
4293      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4294  }
4295qed
4296
4297AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4298  using "betaC:1:a" "raa-cor:3" by blast
4299
4300lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4301
4302AOT_theorem "betaC:2:a":
4303  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4304   μ1...μn φ{μ1...μn}]κ1...κn
4305proof -
4306  AOT_modally_strict {
4307    AOT_assume 1: μ1...μn φ{μ1...μn}]
4308           and 2: κ1...κn
4309           and 3: φ{κ1...κn}
4310    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4311      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4312      by blast
4313  }
4314  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4315            μ1...μn φ{μ1...μn}]κ1...κn
4316    by blast
4317qed
4318
4319AOT_theorem "betaC:2:b":
4320  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4321   ¬φ{κ1...κn}
4322  using "betaC:2:a" "raa-cor:3" by blast
4323
4324lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4325
4326AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4327  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4328
4329(* Note: generalized alphabetic variant of the last theorem *)
4330AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4331  using "eta-conversion-lemma1:1".
4332
4333text‹Note: not explicitly part of PLM.›
4334AOT_theorem id_sym:
4335  assumes τ = τ'
4336  shows τ' = τ
4337  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4338        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4339declare id_sym[sym]
4340
4341text‹Note: not explicitly part of PLM.›
4342AOT_theorem id_trans:
4343  assumes τ = τ' and τ' = τ''
4344  shows τ = τ''
4345  using "rule=E" assms by blast
4346declare id_trans[trans]
4347
4348method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4349  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4350   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4351    [THEN "→E", of v "«[Π]»", symmetric]])
4352(*
4353AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4354  apply ("ηC" "«[P]»") defer
4355   apply ("ηC" "«[S]»") defer
4356  oops
4357*)
4358(* TODO: proper representation of eta_conversion_lemma2 *)
4359
4360AOT_theorem "sub-des-lam:1":
4361  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4362   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4363proof(rule "→I")
4364  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4365  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4366    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4367                                   z1...zn χ{z1...zn, τ}]»",
4368               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4369    by blast
4370qed
4371
4372AOT_theorem "sub-des-lam:2":
4373  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4374  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4375                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4376
4377AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4378proof(rule "≡I"; rule "→I")
4379  AOT_assume F = G
4380  AOT_thus x (x[F]  x[G])
4381    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4382next
4383  AOT_assume x (x[F]  x[G])
4384  AOT_hence x[F]  x[G] for x
4385    using "∀E" by blast
4386  AOT_hence (x[F]  x[G]) for x
4387    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4388  AOT_hence x (x[F]  x[G])
4389    by (rule GEN)
4390  AOT_hence x (x[F]  x[G])
4391    using BF[THEN "→E"] by fast
4392  AOT_thus "F = G"
4393    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4394qed
4395
4396AOT_theorem "relations:1":
4397  assumes INSTANCE_OF_CQT_2(φ)
4398  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4399  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4400  using "cqt:2[lambda]"[OF assms, axiom_inst]
4401        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4402
4403AOT_theorem "relations:2":
4404  assumes INSTANCE_OF_CQT_2(φ)
4405  shows F x ([F]x  φ{x})
4406  using "relations:1" assms by blast
4407
4408AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4409proof(rule RAA(2))
4410  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
4411  AOT_assume A: x « x»]
4412  AOT_have x (A!x & F (x[F]  F = x « x»]))
4413    using "A-objects"[axiom_inst] by fast
4414  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
4415    using "∃E"[rotated] by blast
4416  AOT_show ¬x G (x[G] & ¬[G]x)]
4417  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4418    AOT_assume B: x « x»]a
4419    AOT_hence G (a[G] & ¬[G]a)
4420      using "β→C" A by blast
4421    then AOT_obtain P where a[P] & ¬[P]a
4422      using "∃E"[rotated] by blast
4423    moreover AOT_have P = x « x»]
4424      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4425            calculation[THEN "&E"(1)] by blast
4426    ultimately AOT_have ¬x « x»]a
4427      using "rule=E" "&E"(2) by fast
4428    AOT_thus ¬x G (x[G] & ¬[G]x)]
4429      using B RAA by blast
4430  next
4431    AOT_assume B: ¬x « x»]a
4432    AOT_hence ¬G (a[G] & ¬[G]a)
4433      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4434    AOT_hence C: G ¬(a[G] & ¬[G]a)
4435      using "cqt-further:4"[THEN "→E"] by blast
4436    AOT_have G (a[G]  [G]a)
4437      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4438         (auto simp: "oth-class-taut:1:a" C)
4439    AOT_hence ax « x»]  x « x»]a
4440      using "∀E" A by blast
4441    moreover AOT_have ax « x»]
4442      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4443      using "=I"(1)[OF A] by blast
4444    ultimately AOT_show ¬x G (x[G] & ¬[G]x)]
4445      using B "→E" RAA by blast
4446  qed
4447qed(simp)
4448
4449AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4450proof(rule RAA(2))
4451  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4452  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4453    using "∃E"[rotated] by blast
4454  AOT_have x (A!x & G (x[G]  G = F))
4455    using "A-objects"[axiom_inst] by fast
4456  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4457    using "∃E"[rotated] by blast
4458  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4459  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4460    AOT_assume B: [F]a
4461    AOT_hence G (a[G] & ¬[G]a)
4462      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4463    then AOT_obtain P where a[P] & ¬[P]a
4464      using "∃E"[rotated] by blast
4465    moreover AOT_have P = F
4466      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4467            calculation[THEN "&E"(1)] by blast
4468    ultimately AOT_have ¬[F]a
4469      using "rule=E" "&E"(2) by fast
4470    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4471      using B RAA by blast
4472  next
4473    AOT_assume B: ¬[F]a
4474    AOT_hence ¬G (a[G] & ¬[G]a)
4475      using "oth-class-taut:4:b"[THEN "≡E"(1),
4476              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4477      by simp
4478    AOT_hence C: G ¬(a[G] & ¬[G]a)
4479      using "cqt-further:4"[THEN "→E"] by blast
4480    AOT_have G (a[G]  [G]a)
4481      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4482         (auto simp: "oth-class-taut:1:a" C)
4483    AOT_hence a[F]  [F]a
4484      using "∀E" by blast
4485    moreover AOT_have a[F]
4486      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4487      using "=I"(2) by blast
4488    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4489      using B "→E" RAA by blast
4490  qed
4491qed(simp)
4492
4493AOT_theorem "block-paradox:3": ¬y z z = y]
4494proof(rule RAA(2))
4495  AOT_assume θ: y z z = y]
4496  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4497    using "A-objects"[axiom_inst] by force
4498  then AOT_obtain a where
4499    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4500    using "∃E"[rotated] by blast
4501  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4502    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4503  AOT_show ¬y z z = y]
4504  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4505    AOT_assume A: az z = a]
4506    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4507      using ζ[THEN "≡E"(1)] by blast
4508    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4509      using "∃E"[rotated] by blast
4510    moreover AOT_have a = a by (rule "=I")
4511    moreover AOT_have z z = a] using θ "∀E" by blast
4512    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4513    ultimately AOT_have z z = a]a using "β←C" by blast
4514    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4515    AOT_hence a = b using "β→C" by blast
4516    AOT_hence bz z = a] using A "rule=E" by fast
4517    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4518  next
4519    AOT_assume A: ¬az z = a]
4520    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4521      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4522    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4523      using "cqt-further:4"[THEN "→E"] by blast
4524    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4525      using "∀E" by blast
4526    AOT_hence z z = a] = z z = a]  az z = a]
4527      by (metis "&I" "deduction-theorem" "raa-cor:4")
4528    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4529    AOT_thus ¬y z z = y] using A RAA by blast
4530  qed
4531qed(simp)
4532
4533AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4534proof(rule RAA(2))
4535  AOT_assume θ: y F x([F]x  x = y)
4536  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4537    using "A-objects"[axiom_inst] by force
4538  then AOT_obtain a where
4539    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4540    using "∃E"[rotated] by blast
4541  AOT_obtain F where F_prop: x ([F]x  x = a)
4542    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4543  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4544    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4545  AOT_show ¬y F x([F]x  x = y)
4546  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4547    AOT_assume A: a[F]
4548    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4549      using ζ[THEN "≡E"(1)] by blast
4550    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4551      using "∃E"[rotated] by blast
4552    moreover AOT_have [F]a
4553      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4554    ultimately AOT_have a = b
4555      using "∀E"(2) "≡E"(1) "&E" by fast
4556    AOT_hence a = b
4557      using "β→C" by blast
4558    AOT_hence b[F]
4559      using A "rule=E" by fast
4560    AOT_thus ¬y F x([F]x  x = y)
4561      using b_prop[THEN "&E"(2)] RAA by blast
4562  next
4563    AOT_assume A: ¬a[F]
4564    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4565      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4566    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4567      using "cqt-further:4"[THEN "→E"] by blast
4568    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4569      using "∀E" by blast
4570    AOT_hence y ([F]y  y = a)  a[F]
4571      by (metis "&I" "deduction-theorem" "raa-cor:4")
4572    AOT_hence a[F] using F_prop "→E" by blast
4573    AOT_thus ¬y F x([F]x  x = y)
4574      using A RAA by blast
4575  qed
4576qed(simp)
4577
4578AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4579proof(rule "raa-cor:2")
4580  AOT_assume Fxy([F]xy  y = x)
4581  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4582    using "∃E"[rotated] by blast
4583  {
4584    fix x
4585    AOT_have 1: y([F]xy  y = x)
4586      using F_prop "∀E" by blast
4587    AOT_have 2: z [F]xz] by "cqt:2"
4588    moreover AOT_have y(z [F]xz]y  y = x)
4589    proof(rule "∀I")
4590      fix y
4591      AOT_have z [F]xz]y  [F]xy
4592        using "beta-C-meta"[THEN "→E"] 2 by fast
4593      also AOT_have ...  y = x
4594        using 1 "∀E" by fast
4595      finally AOT_show z [F]xz]y  y = x.
4596    qed
4597    ultimately AOT_have Fy([F]y  y = x)
4598      using "∃I" by fast
4599  }
4600  AOT_hence xFy([F]y  y = x)
4601    by (rule GEN)
4602  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4603    using "&I" "block-paradox:4" by blast
4604qed
4605
4606AOT_act_theorem "block-paradox2:1":
4607  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4608proof(rule "→I"; rule "raa-cor:2")
4609  AOT_assume antecedant: x [G]x
4610  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4611  proof(rule GEN)
4612    fix x
4613    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4614                 ∃!y (y = x & H (x[H] & ¬[H]x))
4615    proof(rule "≡I"; rule "→I")
4616      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4617      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4618        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4619      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4620        using "!-exists:1"[THEN "≡E"(1)] by blast
4621    next
4622      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4623      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4624                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4625        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4626      AOT_have a_3: [G]a
4627        using antecedant "∀E" by blast
4628      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4629        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4630        apply (rule "∃I"(2))
4631        using a_1 a_2 a_3 "&I" by blast
4632    qed
4633    also AOT_have B: ...  H (x[H] & ¬[H]x)
4634    proof (rule "≡I"; rule "→I")
4635      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4636      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4637        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4638      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4639    next
4640      AOT_assume H (x[H] & ¬[H]x)
4641      AOT_hence x = x & H (x[H] & ¬[H]x)
4642        using "id-eq:1" "&I" by blast
4643      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4644        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4645      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4646        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4647    qed
4648    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4649  qed
4650
4651  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4652  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4653                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4654    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4655  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4656    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4657  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4658    using "∃I"(1) A by fast
4659  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4660            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4661    using "block-paradox:2" "&I" by blast
4662qed
4663
4664AOT_act_theorem "block-paradox2:2":
4665  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4666proof(rule "∃I"(1))
4667  AOT_have 0: x p (p p)]
4668    by "cqt:2[lambda]"
4669  moreover AOT_have x x p (p p)]x
4670    apply (rule GEN)
4671    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4672    using "if-p-then-p" GEN by fast
4673  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4674      using "block-paradox2:1" "∀I" by fast
4675  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4676    using "∀E"(1) "→E" by blast
4677qed("cqt:2[lambda]")
4678
4679AOT_theorem propositions: p (p  φ)
4680proof(rule "∃I"(1))
4681  AOT_show (φ  φ)
4682    by (simp add: RN "oth-class-taut:3:a")
4683next
4684  AOT_show φ
4685    by (simp add: "log-prop-prop:2")
4686qed
4687
4688AOT_theorem "pos-not-equiv-ne:1":
4689  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4690proof (rule "→I")
4691  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4692  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4693    using "KBasic:11"[THEN "≡E"(2)] by blast
4694  AOT_hence ¬(F = G)
4695    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4696  AOT_thus F  G
4697    using "=-infix"[THEN "≡dfI"] by blast
4698qed
4699
4700AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4701proof (rule "→I")
4702  AOT_modally_strict {
4703    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4704    proof (rule "→I"; rule "raa-cor:2")
4705      AOT_assume 1: F = G
4706      AOT_hence φ{F}  φ{G}
4707        using "l-identity"[axiom_inst, THEN "→E"] by blast
4708      moreover {
4709        AOT_have G = F
4710          using 1 id_sym by blast
4711        AOT_hence φ{G}  φ{F}
4712          using "l-identity"[axiom_inst, THEN "→E"] by blast
4713      }
4714      ultimately AOT_have φ{F}  φ{G}
4715        using "≡I" by blast
4716      moreover AOT_assume ¬(φ{F}  φ{G})
4717      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4718        using "&I" by blast
4719    qed
4720  }
4721  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4722    using "RM:2[prem]" by blast
4723  moreover AOT_assume ¬(φ{F}  φ{G})
4724  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4725  AOT_have (F  G)
4726    by (AOT_subst F  G ¬(F = G))
4727       (auto simp: "=-infix" "≡Df" 0)
4728  AOT_thus F  G
4729    using "id-nec2:3"[THEN "→E"] by blast
4730qed
4731
4732AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4733proof (rule "→I")
4734  AOT_modally_strict {
4735    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4736    proof (rule "→I"; rule "raa-cor:2")
4737      AOT_assume 1: p = q
4738      AOT_hence φ{p}  φ{q}
4739        using "l-identity"[axiom_inst, THEN "→E"] by blast
4740      moreover {
4741        AOT_have q = p
4742          using 1 id_sym by blast
4743        AOT_hence φ{q}  φ{p}
4744          using "l-identity"[axiom_inst, THEN "→E"] by blast
4745      }
4746      ultimately AOT_have φ{p}  φ{q}
4747        using "≡I" by blast
4748      moreover AOT_assume ¬(φ{p}  φ{q})
4749      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4750        using "&I" by blast
4751    qed
4752  }
4753  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4754    using "RM:2[prem]" by blast
4755  moreover AOT_assume ¬(φ{p}  φ{q})
4756  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4757  AOT_have (p  q)
4758    by (AOT_subst p  q ¬(p = q))
4759       (auto simp: 0 "=-infix" "≡Df")
4760  AOT_thus p  q
4761    using "id-nec2:3"[THEN "→E"] by blast
4762qed
4763
4764AOT_theorem "pos-not-equiv-ne:3":
4765  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4766  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4767
4768AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4769  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4770
4771AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4772  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4773        "T◇"[THEN "→E"] by blast
4774
4775AOT_define relation_negation ::  Π" ("_-")
4776  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4777
4778nonterminal φneg
4779syntax "" :: "φneg  τ" ("_")
4780syntax "" :: "φneg  φ" ("'(_')")
4781
4782AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4783  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4784
4785AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4786  by "cqt:2[lambda]"
4787
4788AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4789  using "cqt:2[lambda0]"[axiom_inst] by blast
4790
4791AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4792  using "=I"(1)[OF "rel-neg-T:1"]
4793  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4794
4795AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4796  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4797  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4798
4799AOT_theorem "rel-neg-T:3": [Π]-
4800  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4801        "rel-neg-T:1" by blast
4802
4803AOT_theorem "rel-neg-T:3[zero]": (φ)-
4804  using "log-prop-prop:2" by blast
4805
4806(* Note: PLM states the zero place case twice *)
4807AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4808proof -
4809  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4810    using "rule=E"[rotated, OF "rel-neg-T:2"]
4811          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4812          "→I" "≡I" by fast
4813  also AOT_have ...  ¬[F]x1...xn
4814    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4815  finally show ?thesis.
4816qed
4817
4818AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4819  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4820   apply (simp add: "oth-class-taut:3:b")
4821  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4822  using "thm-relation-negation:1".
4823
4824AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4825proof -
4826  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4827  AOT_hence ((p)-)   ¬p]
4828    using "df-relation-negation[zero]" "log-prop-prop:2"
4829          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4830  also AOT_have  ¬p]  ¬p
4831    by (simp add: "propositions-lemma:2")
4832  finally show ?thesis.
4833qed
4834
4835AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4836  using "thm-relation-negation:3"[THEN "≡E"(1)]
4837        "thm-relation-negation:3"[THEN "≡E"(2)]
4838        "≡I" "→I" RAA by metis
4839
4840AOT_theorem "thm-relation-negation:5": [F]  [F]-
4841proof -
4842  AOT_have ¬([F] = [F]-)
4843  proof (rule RAA(2))
4844    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4845      using "if-p-then-p".
4846  next
4847    AOT_assume [F] = [F]-
4848    AOT_hence [F]- = [F] using id_sym by blast
4849    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4850      using "rule=E" "thm-relation-negation:1" by fast
4851    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4852      using "≡E" RAA by metis
4853  qed
4854  thus ?thesis
4855    using "≡dfI" "=-infix" by blast
4856qed
4857
4858AOT_theorem "thm-relation-negation:6": p  (p)-
4859proof -
4860  AOT_have ¬(p = (p)-)
4861  proof (rule RAA(2))
4862    AOT_show p  p
4863      using "if-p-then-p".
4864  next
4865    AOT_assume p = (p)-
4866    AOT_hence (p)- = p using id_sym by blast
4867    AOT_hence p  ¬p
4868      using "rule=E" "thm-relation-negation:3" by fast
4869    AOT_thus ¬(p  p)
4870      using "≡E" RAA by metis
4871  qed
4872  thus ?thesis
4873    using "≡dfI" "=-infix" by blast
4874qed
4875
4876AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4877  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4878  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4879        "propositions-lemma:1" id_trans by blast+
4880
4881AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4882proof(rule "→I")
4883  AOT_assume p = q
4884  moreover AOT_have (¬p) using "log-prop-prop:2".
4885  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4886  ultimately AOT_show (¬p) = (¬q)
4887    using "rule=E" by fast
4888qed
4889
4890AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4891proof(rule "→I")
4892  AOT_assume p = q
4893  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4894  AOT_thus (p)- = (q)-
4895    using "thm-relation-negation:7" id_sym id_trans by metis
4896qed
4897
4898AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4899  "contingent-properties:1":
4900  Necessary([F]) df x1...∀xn [F]x1...xn
4901
4902AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4903  "contingent-properties:1[zero]":
4904  Necessary0(p) df p
4905
4906AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4907  "contingent-properties:2":
4908  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4909
4910AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4911  "contingent-properties:2[zero]":
4912  Impossible0(p) df ¬p
4913
4914AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4915  "contingent-properties:3":
4916  NonContingent([F]) df Necessary([F])  Impossible([F])
4917
4918AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4919  "contingent-properties:3[zero]":
4920  NonContingent0(p) df Necessary0(p)  Impossible0(p)
4921
4922AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4923  "contingent-properties:4":
4924  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4925
4926AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4927  "contingent-properties:4[zero]":
4928  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4929
4930
4931AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4932proof (rule "≡I"; rule "→I")
4933  AOT_assume NonContingent([F])
4934  AOT_hence Necessary([F])  Impossible([F])
4935    using "≡dfE"[OF "contingent-properties:3"] by blast
4936  moreover {
4937    AOT_assume Necessary([F])
4938    AOT_hence (x1...∀xn [F]x1...xn)
4939      using "≡dfE"[OF "contingent-properties:1"] by blast
4940    moreover AOT_modally_strict {
4941      AOT_assume x1...∀xn [F]x1...xn
4942      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4943      AOT_hence ¬[F]-x1...xn for x1xn
4944        by (meson "≡E"(6) "oth-class-taut:3:a"
4945                  "thm-relation-negation:2" "≡E"(1))
4946      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4947    }
4948    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4949      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4950    AOT_hence Impossible([F]-)
4951      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4952                  OF "rel-neg-T:3", THEN "≡E"(2)]
4953      by blast
4954  }
4955  moreover {
4956    AOT_assume Impossible([F])
4957    AOT_hence (x1...∀xn ¬[F]x1...xn)
4958      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4959                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4960      by blast
4961    moreover AOT_modally_strict {
4962      AOT_assume x1...∀xn ¬[F]x1...xn
4963      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4964      AOT_hence [F]-x1...xn for x1xn
4965        by (meson "≡E"(6) "oth-class-taut:3:a"
4966                  "thm-relation-negation:1" "≡E"(1))
4967      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4968    }
4969    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4970      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4971    AOT_hence Necessary([F]-)
4972      using "≡dfI"[OF "contingent-properties:1"] by blast
4973  }
4974  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4975    using "∨E"(1) "∨I" "→I" by metis
4976  AOT_thus NonContingent([F]-)
4977    using "≡dfI"[OF "contingent-properties:3"] by blast
4978next
4979  AOT_assume NonContingent([F]-)
4980  AOT_hence Necessary([F]-)  Impossible([F]-)
4981    using "≡dfE"[OF "contingent-properties:3"] by blast
4982  moreover {
4983    AOT_assume Necessary([F]-)
4984    AOT_hence (x1...∀xn [F]-x1...xn)
4985      using "≡dfE"[OF "contingent-properties:1"] by blast
4986    moreover AOT_modally_strict {
4987      AOT_assume x1...∀xn [F]-x1...xn
4988      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4989      AOT_hence ¬[F]x1...xn for x1xn
4990        by (meson "≡E"(6) "oth-class-taut:3:a"
4991                  "thm-relation-negation:1" "≡E"(2))
4992      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4993    }
4994    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4995      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4996    AOT_hence Impossible([F])
4997      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4998                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4999      by blast
5000  }
5001  moreover {
5002    AOT_assume Impossible([F]-)
5003    AOT_hence (x1...∀xn ¬[F]-x1...xn)
5004      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5005                  OF "rel-neg-T:3", THEN "≡E"(1)]
5006      by blast
5007    moreover AOT_modally_strict {
5008      AOT_assume x1...∀xn ¬[F]-x1...xn
5009      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
5010      AOT_hence [F]x1...xn for x1xn 
5011        using "thm-relation-negation:1"[THEN
5012                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5013              "useful-tautologies:1"[THEN "→E"] by blast
5014      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
5015    }
5016    ultimately AOT_have (x1...∀xn [F]x1...xn)
5017      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
5018    AOT_hence Necessary([F])
5019      using "≡dfI"[OF "contingent-properties:1"] by blast
5020  }
5021  ultimately AOT_have Necessary([F])  Impossible([F])
5022    using "∨E"(1) "∨I" "→I" by metis
5023  AOT_thus NonContingent([F])
5024    using "≡dfI"[OF "contingent-properties:3"] by blast
5025qed
5026
5027AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5028proof -
5029  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5030    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5031                                    OF "cqt:2[const_var]"[axiom_inst]]
5032    by blast
5033  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5034    using "oth-class-taut:5:d" by fastforce
5035  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5036    by (simp add: "Commutativity of &")
5037  also AOT_have ...  x [F]x & ¬Necessary([F])
5038  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5039    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5040      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5041      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5042       apply (simp add: "conventions:4" "≡Df")
5043      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5044       apply (simp add: "oth-class-taut:3:b")
5045      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5046                                      OF "cqt:2[const_var]"[axiom_inst]]
5047      by blast
5048    also AOT_have ...  x [F]x
5049      using "conventions:5"[THEN "≡Df", symmetric] by blast
5050    finally AOT_show ¬Impossible([F])  x [F]x .
5051  qed
5052  also AOT_have ...  x [F]x & x ¬[F]x
5053  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5054    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5055      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5056      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5057       apply (simp add: "conventions:4" "≡Df")
5058      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5059       apply (simp add: "oth-class-taut:3:b")
5060      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5061      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5062    also AOT_have ...  x ¬[F]x
5063      using "conventions:5"[THEN "≡Df", symmetric] by blast
5064    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5065  qed
5066  finally show ?thesis.
5067qed
5068
5069AOT_theorem "thm-cont-prop:3":
5070  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5071proof -
5072  {
5073    fix Π :: <κ>
5074    AOT_assume Π
5075    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5076      using "thm-cont-prop:2" GEN by fast
5077    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5078      using "thm-cont-prop:2" "∀E" by fast
5079  } note 1 = this
5080  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5081    using "thm-cont-prop:2" by blast
5082  also AOT_have ...  x ¬[F]x & x [F]x
5083    by (simp add: "Commutativity of &")
5084  also AOT_have ...  x [F]-x & x [F]x
5085    by (AOT_subst [F]-x ¬[F]x for: x)
5086       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5087  also AOT_have ...  x [F]-x & x ¬[F]-x
5088    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5089       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5090  also AOT_have ...  Contingent([F]-)
5091    using 1[OF "rel-neg-T:3", symmetric] by blast
5092  finally show ?thesis.
5093qed
5094
5095AOT_define concrete_if_concrete :: ‹Π› ("L")
5096  L_def: L =df x E!x  E!x]
5097
5098AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5099proof -
5100  AOT_modally_strict {
5101    fix x
5102    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5103    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5104    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5105    ultimately AOT_have x E!x  E!x]x
5106      using "β←C" by blast
5107  }
5108  AOT_hence 0: x x E!x  E!x]x
5109    using RN GEN by blast
5110  show ?thesis
5111    apply (rule "=dfI"(2)[OF L_def])
5112     apply "cqt:2[lambda]"
5113    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5114qed
5115
5116AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5117proof -
5118  AOT_modally_strict {
5119    fix x
5120
5121    AOT_have 0: F (¬[F]-x  [F]x)
5122      using "thm-relation-negation:2" GEN by fast
5123    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5124      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5125    moreover {
5126      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5127      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5128      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5129      ultimately AOT_have x E!x  E!x]x
5130        using "β←C" by blast
5131    }
5132    ultimately AOT_have ¬x E!x  E!x]-x
5133      using "≡E" by blast
5134  }
5135  AOT_hence 0: x ¬x E!x  E!x]-x
5136    using RN GEN by fast
5137  show ?thesis
5138    apply (rule "=dfI"(2)[OF L_def])
5139     apply "cqt:2[lambda]"
5140    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5141     using "rel-neg-T:3"
5142     apply blast
5143    using 0
5144    by blast
5145qed
5146
5147AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5148  using "thm-noncont-e-e:1"
5149  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5150
5151AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5152proof -
5153  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5154    using "thm-cont-prop:1" "∀I" by fast
5155  moreover AOT_have 1: L
5156    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5157  AOT_show NonContingent([L]-)
5158    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5159qed
5160
5161AOT_theorem "thm-noncont-e-e:5":
5162  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5163proof (rule "∃I")+
5164  {
5165    AOT_have F [F]  [F]-
5166      using "thm-relation-negation:5" GEN by fast
5167    moreover AOT_have L
5168      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5169    ultimately AOT_have L  [L]-
5170      using "∀E" by blast
5171  }
5172  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5173    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5174next
5175  AOT_show [L]-
5176    using "rel-neg-T:3" by blast
5177next
5178  AOT_show L
5179      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5180qed
5181
5182AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5183proof -
5184  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5185    using "BF◇" "CBF◇" "≡I" by blast
5186  also AOT_have   x ([F]x &  ¬[F]x)
5187    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5188       (auto simp: "S5Basic:11" "cqt-further:7")
5189  also AOT_have   x (¬[F]x & [F]x)
5190    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5191       (auto simp: "Commutativity of &" "cqt-further:7")
5192  also AOT_have   x (¬[F]x & [F]x)
5193    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5194       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5195  also AOT_have   x (¬[F]x & [F]x)
5196    using "BF◇" "CBF◇" "≡I" by fast
5197  finally show ?thesis.
5198qed
5199
5200AOT_theorem "lem-cont-e:2":
5201  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5202proof -
5203  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5204    using "lem-cont-e:1".
5205  also AOT_have   x ([F]-x & ¬[F]-x)
5206    apply (AOT_subst ¬[F]-x [F]x for: x)
5207     apply (simp add: "thm-relation-negation:2")
5208    apply (AOT_subst [F]-x ¬[F]x for: x)
5209     apply (simp add: "thm-relation-negation:1")
5210    by (simp add: "oth-class-taut:3:a")
5211  finally show ?thesis.
5212qed
5213
5214AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5215proof (rule "CBF◇"[THEN "→E"])
5216  AOT_have x (E!x & ¬𝒜E!x)
5217    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5218  then AOT_obtain a where (E!a & ¬𝒜E!a)
5219    using "∃E"[rotated] by blast
5220  AOT_hence θ: E!a & ¬𝒜E!a
5221    using "KBasic2:3"[THEN "→E"] by blast
5222  AOT_have ξ: E!a & 𝒜¬E!a
5223    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5224       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5225  AOT_have ζ: E!a & 𝒜¬E!a
5226    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5227       (auto simp add: "Act-Sub:4" ξ)
5228  AOT_hence E!a & ¬E!a
5229    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5230  AOT_hence (E!a & ¬E!a)
5231    using "S5Basic:11"[THEN "≡E"(2)] by simp
5232  AOT_thus x (E!x & ¬E!x)
5233    using "∃I"(2) by fast
5234qed
5235
5236AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5237proof -
5238  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5239    using "lem-cont-e:1" GEN by fast
5240  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5241    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5242  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5243qed
5244
5245AOT_theorem "thm-cont-e:3": x E!x
5246proof (rule "CBF◇"[THEN "→E"])
5247  AOT_obtain a where (E!a & ¬E!a)
5248    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5249  AOT_hence E!a
5250    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5251  AOT_thus x E!x using "∃I" by fast
5252qed
5253
5254AOT_theorem "thm-cont-e:4": x ¬E!x
5255proof (rule "CBF◇"[THEN "→E"])
5256  AOT_obtain a where (E!a & ¬E!a)
5257    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5258  AOT_hence ¬E!a
5259    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5260  AOT_hence ¬E!a
5261    using "4◇"[THEN "→E"] by blast
5262  AOT_thus x ¬E!x using "∃I" by fast
5263qed
5264
5265AOT_theorem "thm-cont-e:5": Contingent([E!])
5266proof -
5267  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5268    using "thm-cont-prop:2" GEN by fast
5269  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5270    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5271  thus ?thesis
5272    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5273qed
5274
5275AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5276proof -
5277  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5278    using "thm-cont-prop:3" GEN by fast
5279  AOT_hence Contingent([E!])  Contingent([E!]-)
5280    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5281  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5282qed
5283
5284AOT_theorem "thm-cont-e:7":
5285  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5286proof (rule "∃I")+
5287  AOT_have F [«F::<κ>»]  [F]-
5288    using "thm-relation-negation:5" GEN by fast
5289  AOT_hence [E!]  [E!]-
5290    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5291  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5292    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5293next
5294  AOT_show E!-
5295    by (fact AOT)
5296next
5297  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5298qed
5299
5300AOT_theorem "property-facts:1":
5301  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5302proof (rule "→I"; rule "raa-cor:2")
5303  AOT_assume NonContingent([F])
5304  AOT_hence 1: Necessary([F])  Impossible([F])
5305    using "contingent-properties:3"[THEN "≡dfE"] by blast
5306  AOT_assume G (Contingent([G]) & G = F)
5307  then AOT_obtain G where Contingent([G]) & G = F
5308    using "∃E"[rotated] by blast
5309  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5310  AOT_hence ¬(Necessary([F])  Impossible([F]))
5311    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5312            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5313  AOT_thus (Necessary([F])  Impossible([F])) &
5314            ¬(Necessary([F])  Impossible([F]))
5315    using 1 "&I" by blast
5316qed
5317
5318AOT_theorem "property-facts:2":
5319  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5320proof (rule "→I"; rule "raa-cor:2")
5321  AOT_assume Contingent([F])
5322  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5323    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5324            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5325  AOT_assume G (NonContingent([G]) & G = F)
5326  then AOT_obtain G where NonContingent([G]) & G = F
5327    using "∃E"[rotated] by blast
5328  AOT_hence NonContingent([F])
5329    using "rule=E" "&E" by blast
5330  AOT_hence Necessary([F])  Impossible([F])
5331    using "contingent-properties:3"[THEN "≡dfE"] by blast
5332  AOT_thus (Necessary([F])  Impossible([F])) &
5333            ¬(Necessary([F])  Impossible([F]))
5334    using 1 "&I" by blast
5335qed
5336
5337AOT_theorem "property-facts:3":
5338  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5339proof -
5340  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5341    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5342    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5343  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5344    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5345  AOT_have not_noncontingent_if_contingent:
5346    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5347  proof(rule RAA(2))
5348    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5349      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5350                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5351      by blast
5352  next
5353    AOT_assume NonContingent([Π])
5354    AOT_thus Necessary([Π])  Impossible([Π])
5355      using "contingent-properties:3"[THEN "≡dfE"] by blast
5356  qed
5357
5358  show ?thesis
5359  proof (safe intro!: "&I")
5360    AOT_show L  [L]-
5361      apply (rule "=dfI"(2)[OF L_def])
5362       apply "cqt:2[lambda]"
5363      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5364       apply (rule GEN) apply (fact AOT)
5365      by "cqt:2[lambda]"
5366  next
5367    AOT_show L  E!
5368      apply (rule noneqI)
5369      using "thm-noncont-e-e:3"
5370            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5371      by auto
5372  next
5373    AOT_show L  E!-
5374      apply (rule noneqI)
5375      using "thm-noncont-e-e:3" apply fast
5376      apply (rule not_noncontingent_if_contingent)
5377      apply (rule "∀E"(1)[
5378            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5379            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5380      using "thm-cont-prop:3" GEN apply fast
5381      using "thm-cont-e:5" by fast+
5382  next
5383    AOT_show [L]-  E!-
5384      apply (rule noneqI)
5385      using "thm-noncont-e-e:4" apply fast
5386      apply (rule not_noncontingent_if_contingent)
5387      apply (rule "∀E"(1)[
5388            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5389            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5390      using "thm-cont-prop:3" GEN apply fast
5391      using "thm-cont-e:5" by fast+
5392  next
5393    AOT_show E!  E!-
5394      apply (rule "=dfI"(2)[OF L_def])
5395       apply "cqt:2[lambda]"
5396      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5397       apply (rule GEN) apply (fact AOT)
5398      by (fact "cqt:2[concrete]"[axiom_inst])
5399  qed
5400qed
5401
5402AOT_theorem "thm-cont-propos:1":
5403  NonContingent0(p)  NonContingent0(((p)-))
5404proof(rule "≡I"; rule "→I")
5405  AOT_assume NonContingent0(p)
5406  AOT_hence Necessary0(p)  Impossible0(p)
5407    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5408  moreover {
5409    AOT_assume Necessary0(p)
5410    AOT_hence 1: p
5411      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5412    AOT_have ¬((p)-)
5413      by (AOT_subst ¬((p)-) p)
5414         (auto simp add: 1 "thm-relation-negation:4")
5415    AOT_hence Impossible0(((p)-))
5416      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5417  }
5418  moreover {
5419    AOT_assume Impossible0(p)
5420    AOT_hence 1: ¬p
5421      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5422    AOT_have ((p)-)
5423      by (AOT_subst ((p)-) ¬p) 
5424         (auto simp: 1 "thm-relation-negation:3")
5425    AOT_hence Necessary0(((p)-))
5426      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5427  }
5428  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5429    using "∨E"(1) "∨I" "→I" by metis
5430  AOT_thus NonContingent0(((p)-))
5431    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5432next
5433  AOT_assume NonContingent0(((p)-))
5434  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5435    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5436  moreover {
5437    AOT_assume Impossible0(((p)-))
5438    AOT_hence 1: ¬((p)-)
5439      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5440    AOT_have p
5441      by (AOT_subst (reverse) p ¬((p)-))
5442         (auto simp: 1 "thm-relation-negation:4")
5443    AOT_hence Necessary0(p)
5444      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5445  }
5446  moreover {
5447    AOT_assume Necessary0(((p)-))
5448    AOT_hence 1: ((p)-)
5449      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5450    AOT_have ¬p
5451      by (AOT_subst (reverse) ¬p ((p)-))
5452         (auto simp: 1 "thm-relation-negation:3")
5453    AOT_hence Impossible0(p)
5454      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5455  }
5456  ultimately AOT_have Necessary0(p)  Impossible0(p)
5457    using "∨E"(1) "∨I" "→I" by metis
5458  AOT_thus NonContingent0(p)
5459    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5460qed
5461
5462AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5463proof -
5464  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5465    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5466  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5467    by (fact AOT)
5468  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5469    by (fact AOT)
5470  also AOT_have   φ & ¬φ
5471    apply (AOT_subst φ ¬¬φ)
5472     apply (simp add: "conventions:5" "≡Df")
5473    apply (AOT_subst Impossible0(φ) ¬φ)
5474     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5475    apply (AOT_subst (reverse) ¬φ ¬φ)
5476     apply (simp add: "KBasic:11")
5477    apply (AOT_subst Necessary0(φ) φ)
5478     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5479    by (simp add: "oth-class-taut:3:a")
5480  finally show ?thesis.
5481qed
5482
5483AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5484proof -
5485  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5486  also AOT_have   ¬p & p by (fact AOT)
5487  also AOT_have   ((p)-) & p
5488    by (AOT_subst ((p)-) ¬p)
5489       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5490  also AOT_have   ((p)-) & ¬((p)-)
5491    by (AOT_subst ¬((p)-) p)
5492       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5493  also AOT_have   Contingent0(((p)-))
5494    using "thm-cont-propos:2"[symmetric] by blast
5495  finally show ?thesis.
5496qed
5497
5498AOT_define noncontingent_prop :: ‹φ› ("p0")
5499  p0_def: "(p0) =df (x (E!x  E!x))"
5500
5501AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5502proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5503  AOT_show (p0)
5504    apply (rule "=dfI"(2)[OF p0_def])
5505    using "log-prop-prop:2" apply simp
5506    using "if-p-then-p" RN GEN by fast
5507qed
5508
5509AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5510proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5511  AOT_show ¬((p0)-)
5512    apply (AOT_subst ((p0)-) ¬p0)
5513    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5514     apply fast
5515    apply (AOT_subst (reverse) ¬¬p0 p0)
5516     apply (simp add: "oth-class-taut:3:b")
5517    apply (rule "=dfI"(2)[OF p0_def])
5518    using "log-prop-prop:2" apply simp
5519    using "if-p-then-p" RN GEN by fast
5520qed
5521
5522AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5523  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5524  using "thm-noncont-propos:1" "∨I" by blast
5525
5526AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5527  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5528  using "thm-noncont-propos:2" "∨I" by blast
5529
5530AOT_theorem "thm-noncont-propos:5":
5531  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5532proof(rule "∃I")+
5533  AOT_have 0: φ  (φ)- for φ
5534    using "thm-relation-negation:6" "∀I"
5535          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5536  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5537    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5538qed(auto simp: "log-prop-prop:2")
5539
5540AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5541proof(rule "raa-cor:2")
5542  AOT_assume x(E!x & ¬𝒜E!x)
5543  then AOT_obtain a where a: E!a & ¬𝒜E!a
5544    using "∃E"[rotated] by blast
5545  AOT_hence 𝒜¬E!a
5546    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5547  AOT_hence ¬E!a
5548    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5549  AOT_hence E!a & ¬E!a
5550    using a "&E" "&I" by blast
5551  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5552qed
5553
5554AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5555proof(rule "raa-cor:2")
5556  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5557  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5558    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5559  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5560    using "∃E"[rotated] by blast
5561  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5562    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5563  AOT_hence ¬𝒜𝒜E!a
5564    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5565  AOT_hence ¬𝒜E!a
5566    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5567  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5568qed
5569
5570AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5571proof (rule RAA(1))
5572  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5573    using "pos-not-pna:1" by blast
5574next
5575  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5576  AOT_hence x (E!x & ¬𝒜E!x)
5577    using "KBasic:12"[THEN "≡E"(2)] by blast
5578  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5579    using "nec-imp-act"[THEN "→E"] by blast
5580qed
5581
5582AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5583proof -
5584  AOT_obtain a where (E!a & ¬𝒜E!a)
5585    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5586  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5587    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5588  AOT_have ¬𝒜E!a
5589    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5590  AOT_hence ¬𝒜E!a
5591    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5592                        THEN "≡E"(2)] by blast
5593  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5594  thus ?thesis using "∃I" by fast
5595qed
5596
5597AOT_define contingent_prop :: φ ("q0")
5598  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5599
5600AOT_theorem q0_prop: q0 & ¬q0
5601  apply (rule "=dfI"(2)[OF q0_def])
5602  apply (fact "log-prop-prop:2")
5603  apply (rule "&I")
5604   apply (fact "qml:4"[axiom_inst])
5605  by (fact "pos-not-pna:2")
5606
5607AOT_theorem "basic-prop:1": Contingent0((q0))
5608proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5609  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5610  proof (rule "&I";
5611         rule "=dfI"(2)[OF q0_def];
5612         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5613    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5614    AOT_hence x (E!x & ¬𝒜E!x)
5615      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5616    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5617      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5618    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5619      using "pos-not-pna:1" "&I" by blast
5620  next
5621    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5622    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5623      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5624    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5625      using "KBasic2:1"[THEN "≡E"(1)] by blast
5626    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5627      using "qml:4"[axiom_inst] "&I" by blast
5628  qed
5629  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5630    using "oth-class-taut:5:d" "≡E"(2) by blast
5631qed
5632
5633AOT_theorem "basic-prop:2": p Contingent0((p))
5634  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5635
5636AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5637  apply (AOT_subst ((q0)-) ¬q0)
5638   apply (insert "thm-relation-negation:3" "∀I"
5639                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5640  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5641  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5642  apply (rule "&I")
5643   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5644                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5645   apply (rule "conventions:5"[THEN "≡dfE"])
5646   apply (rule "=dfE"(2)[OF q0_def])
5647    apply (rule "log-prop-prop:2")
5648   apply (rule q0_prop[THEN "&E"(1)])
5649  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5650                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5651  apply (rule "conventions:5"[THEN "≡dfE"])
5652  by (rule q0_prop[THEN "&E"(2)])
5653
5654AOT_theorem "basic-prop:4":
5655  pq (p  q & Contingent0(p) & Contingent0(q))
5656proof(rule "∃I")+
5657  AOT_have 0: φ  (φ)- for φ
5658    using "thm-relation-negation:6" "∀I"
5659          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5660  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5661    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5662qed(auto simp: "log-prop-prop:2")
5663
5664AOT_theorem "proposition-facts:1":
5665  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5666proof(rule "→I"; rule "raa-cor:2")
5667  AOT_assume NonContingent0(p)
5668  AOT_hence 1: Necessary0(p)  Impossible0(p)
5669    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5670  AOT_assume q (Contingent0(q) & q = p)
5671  then AOT_obtain q where Contingent0(q) & q = p
5672    using "∃E"[rotated] by blast
5673  AOT_hence Contingent0(p)
5674    using "rule=E" "&E" by fast
5675  AOT_thus (Necessary0(p)  Impossible0(p)) &
5676            ¬(Necessary0(p)  Impossible0(p))
5677    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5678qed
5679
5680AOT_theorem "proposition-facts:2":
5681  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5682proof(rule "→I"; rule "raa-cor:2")
5683  AOT_assume Contingent0(p)
5684  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5685    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5686  AOT_assume q (NonContingent0(q) & q = p)
5687  then AOT_obtain q where NonContingent0(q) & q = p
5688    using "∃E"[rotated] by blast
5689  AOT_hence NonContingent0(p)
5690    using "rule=E" "&E" by fast
5691  AOT_thus (Necessary0(p)  Impossible0(p)) &
5692            ¬(Necessary0(p)  Impossible0(p))
5693    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5694qed
5695
5696AOT_theorem "proposition-facts:3":
5697  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5698proof -
5699  {
5700    fix χ φ ψ
5701    AOT_assume χ{φ}
5702    moreover AOT_assume ¬χ{ψ}
5703    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5704      using RAA "≡E" by metis
5705    moreover {
5706      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5707        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5708      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5709        using "∀E" "log-prop-prop:2" by blast
5710    }
5711    ultimately AOT_have φ  ψ
5712      using "→E" by blast
5713  } note 0 = this
5714  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5715    using "thm-cont-propos:3" "∀I"
5716          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5717  AOT_have not_noncontingent_if_contingent:
5718    ¬NonContingent0(φ) if Contingent0(φ) for φ
5719    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5720                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5721    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5722  show ?thesis
5723    apply (rule "&I")+
5724    using "thm-relation-negation:6" "∀I"
5725          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5726        apply fast
5727       apply (rule 0)
5728    using "thm-noncont-propos:3" apply fast
5729       apply (rule not_noncontingent_if_contingent)
5730       apply (fact AOT)
5731      apply (rule 0)
5732    apply (rule "thm-noncont-propos:3")
5733      apply (rule not_noncontingent_if_contingent)
5734      apply (rule contingent_neg[THEN "≡E"(1)])
5735      apply (fact AOT)
5736     apply (rule 0)
5737    apply (rule "thm-noncont-propos:4")
5738      apply (rule not_noncontingent_if_contingent)
5739      apply (rule contingent_neg[THEN "≡E"(1)])
5740     apply (fact AOT)
5741    using "thm-relation-negation:6" "∀I"
5742          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5743qed
5744
5745AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5746  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5747
5748AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5749  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5750
5751AOT_theorem "cont-true-cont:1":
5752  ContingentlyTrue((p))  Contingent0((p))
5753proof(rule "→I")
5754  AOT_assume ContingentlyTrue((p))
5755  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5756  AOT_have ¬Necessary0((p))
5757    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5758                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5759    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5760  moreover AOT_have ¬Impossible0((p))
5761    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5762                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5763    apply (rule "conventions:5"[THEN "≡dfE"])
5764    using "T◇"[THEN "→E", OF 1].
5765  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5766    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5767  AOT_thus Contingent0((p))
5768    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5769qed
5770
5771AOT_theorem "cont-true-cont:2":
5772  ContingentlyFalse((p))  Contingent0((p))
5773proof(rule "→I")
5774  AOT_assume ContingentlyFalse((p))
5775  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5776  AOT_have ¬Necessary0((p))
5777    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5778                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5779    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5780  moreover AOT_have ¬Impossible0((p))
5781    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5782                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5783    apply (rule "conventions:5"[THEN "≡dfE"])
5784    using 2.
5785  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5786    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5787  AOT_thus Contingent0((p))
5788    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5789qed
5790
5791AOT_theorem "cont-true-cont:3":
5792  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5793proof(rule "≡I"; rule "→I")
5794  AOT_assume ContingentlyTrue((p))
5795  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5796  AOT_have 1: ContingentlyFalse(¬p)
5797    apply (rule "cont-tf:2"[THEN "≡dfI"])
5798    apply (AOT_subst (reverse) ¬¬p p)
5799    by (auto simp: "oth-class-taut:3:b" 0)
5800  AOT_show ContingentlyFalse(((p)-))
5801    apply (AOT_subst ((p)-) ¬p)
5802    by (auto simp: "thm-relation-negation:3" 1)
5803next
5804  AOT_assume 1: ContingentlyFalse(((p)-))
5805  AOT_have ContingentlyFalse(¬p)
5806    by (AOT_subst (reverse) ¬p ((p)-))
5807       (auto simp: "thm-relation-negation:3" 1)
5808  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5809  AOT_hence p & ¬p
5810    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5811  AOT_thus ContingentlyTrue((p))
5812    using "cont-tf:1"[THEN "≡dfI"] by blast
5813qed
5814
5815AOT_theorem "cont-true-cont:4":
5816  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5817proof(rule "≡I"; rule "→I")
5818  AOT_assume ContingentlyFalse(p)
5819  AOT_hence 0: ¬p & p
5820    using "cont-tf:2"[THEN "≡dfE"] by blast
5821  AOT_have ¬p & ¬¬p
5822    by (AOT_subst (reverse) ¬¬p p)
5823       (auto simp: "oth-class-taut:3:b" 0)
5824  AOT_hence 1: ContingentlyTrue(¬p)
5825    by (rule "cont-tf:1"[THEN "≡dfI"])
5826  AOT_show ContingentlyTrue(((p)-))
5827    by (AOT_subst ((p)-) ¬p)
5828       (auto simp: "thm-relation-negation:3" 1)
5829next
5830  AOT_assume 1: ContingentlyTrue(((p)-))
5831  AOT_have ContingentlyTrue(¬p)
5832    by (AOT_subst (reverse) ¬p ((p)-))
5833       (auto simp add: "thm-relation-negation:3" 1)
5834  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5835  AOT_have p
5836    by (AOT_subst p ¬¬p)
5837       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5838  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5839  AOT_thus ContingentlyFalse(p)
5840    by (rule "cont-tf:2"[THEN "≡dfI"])
5841qed
5842
5843AOT_theorem "cont-true-cont:5":
5844  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5845proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5846  AOT_assume ContingentlyTrue((p))
5847  AOT_hence ¬p
5848    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5849  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5850  AOT_assume Necessary0((q))
5851  moreover AOT_assume ¬(p  q)
5852  AOT_hence p = q
5853    using "=-infix"[THEN "≡Df",
5854                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5855                    THEN "≡E"(1)]
5856          "useful-tautologies:1"[THEN "→E"] by blast
5857  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5858  AOT_hence p
5859    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5860  AOT_thus p & ¬p using 0 "&I" by blast
5861qed
5862
5863AOT_theorem "cont-true-cont:6":
5864  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5865proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5866  AOT_assume ContingentlyFalse((p))
5867  AOT_hence p
5868    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5869  AOT_hence 1: ¬¬p
5870    using "conventions:5"[THEN "≡dfE"] by blast
5871  AOT_assume Impossible0((q))
5872  moreover AOT_assume ¬(p  q)
5873  AOT_hence p = q
5874    using "=-infix"[THEN "≡Df",
5875                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5876                    THEN "≡E"(1)]
5877          "useful-tautologies:1"[THEN "→E"] by blast
5878  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5879  AOT_hence ¬p
5880    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5881  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5882qed
5883
5884AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5885  apply (rule "cont-tf:2"[THEN "≡dfI"])
5886  apply (rule "=dfI"(2)[OF q0_def])
5887   apply (fact "log-prop-prop:2")
5888  apply (rule "&I")
5889   apply (fact "no-cnac")
5890  by (fact "qml:4"[axiom_inst])
5891
5892AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5893  apply (rule "cont-tf:1"[THEN "≡dfI"])
5894  apply (rule "=dfI"(2)[OF q0_def])
5895   apply (fact "log-prop-prop:2")
5896  apply (rule "&I")
5897   apply (rule "thm-relation-negation:3"
5898                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5899     apply (fact "no-cnac")
5900  apply (rule "rule=E"[rotated,
5901                OF "thm-relation-negation:7"
5902                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5903  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5904  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5905
5906(* TODO: q0cf-rem skipped for now *)
5907
5908AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5909proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5910  AOT_assume q0
5911  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5912  AOT_thus ContingentlyTrue(q0)
5913    by (rule "cont-tf:1"[THEN "≡dfI"])
5914next
5915  AOT_assume ¬q0
5916  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5917  AOT_hence ContingentlyFalse(q0)
5918    by (rule "cont-tf:2"[THEN "≡dfI"])
5919  AOT_thus ContingentlyTrue(((q0)-))
5920    by (rule "cont-true-cont:4"[unvarify p,
5921                OF "log-prop-prop:2", THEN "≡E"(1)])
5922qed(auto simp: "log-prop-prop:2")
5923
5924
5925AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5926proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5927  AOT_assume q0
5928  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5929  AOT_hence ContingentlyTrue(q0)
5930    by (rule "cont-tf:1"[THEN "≡dfI"])
5931  AOT_thus ContingentlyFalse(((q0)-))
5932    by (rule "cont-true-cont:3"[unvarify p,
5933                OF "log-prop-prop:2", THEN "≡E"(1)])
5934next
5935  AOT_assume ¬q0
5936  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5937  AOT_thus ContingentlyFalse(q0)
5938    by (rule "cont-tf:2"[THEN "≡dfI"])
5939qed(auto simp: "log-prop-prop:2")
5940
5941AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5942proof -
5943  fix x
5944  AOT_obtain p1 where ContingentlyTrue((p1))
5945    using "cont-tf-thm:1" "∃E"[rotated] by blast
5946  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5947  AOT_modally_strict {
5948    AOT_have for arbitrary p:  (z p]x  p)
5949      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5950    AOT_hence for arbitrary p:   (z p]x  p)
5951      by (rule RN)
5952    AOT_hence p (z p]x  p) using GEN by fast
5953    AOT_hence (z p1]x  p1) using "∀E" by fast
5954  } note 2 = this
5955  AOT_hence (z p1]x  p1) using "∀E" by blast
5956  AOT_hence z p1]x
5957    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5958  moreover AOT_have ¬z p1]x
5959    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5960    apply (AOT_subst z p1]x p1)
5961    using 1[THEN "&E"(2)] by blast
5962  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5963  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5964  moreover AOT_have z p1] by "cqt:2[lambda]"
5965  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5966qed
5967
5968(* TODO: inspect modally strict subproof involving obtained variable *)
5969AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5970proof -
5971  fix x
5972  AOT_obtain p1 where ContingentlyFalse((p1))
5973    using "cont-tf-thm:2" "∃E"[rotated] by blast
5974  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5975  AOT_modally_strict {
5976    AOT_have for arbitrary p:  (z p]x  p)
5977      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5978    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5979      using "oth-class-taut:4:b" "≡E" by blast
5980    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5981      by (rule RN)
5982    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5983    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5984  } note 2 = this
5985  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5986  AOT_hence 3: ¬z p1]x
5987    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5988  AOT_modally_strict {
5989    AOT_have for arbitrary p:  (z p]x  p)
5990      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5991    AOT_hence for arbitrary p:  (z p]x  p)
5992      by (rule RN)
5993    AOT_hence p (z p]x  p) using GEN by fast
5994    AOT_hence (z p1]x  p1) using "∀E" by fast
5995  } note 4 = this
5996  AOT_have z p1]x
5997    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5998    apply (AOT_subst z p1]x p1)
5999    using 1[THEN "&E"(2)] by blast
6000  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
6001  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
6002  moreover AOT_have z p1] by "cqt:2[lambda]"
6003  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
6004qed
6005
6006context
6007begin
6008
6009private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
6010    apply (rule "=dfI"(2)[OF L_def])
6011     apply "cqt:2[lambda]"
6012    apply (rule "beta-C-meta"[THEN "→E"])
6013  by "cqt:2[lambda]"
6014
6015private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
6016    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6017
6018private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
6019proof(rule "≡I"; rule "→I"; (rule "∀I")?)
6020  fix x
6021  AOT_assume 1: φ
6022  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
6023  also AOT_have   φ
6024    using "if-p-then-p" 1 "≡I" "→I" by simp
6025  also AOT_have   z φ]x
6026    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
6027  finally AOT_show [L]x  z φ]x.
6028next
6029  fix x
6030  AOT_assume x([L]x  z φ]x)
6031  AOT_hence [L]x  z φ]x using "∀E" by blast
6032  also AOT_have   φ using eqnotnec_123_Aux_ω.
6033  finally AOT_have φ  [L]x
6034    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6035  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6036  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6037qed
6038private lemmas eqnotnec_123_Aux_ξ =
6039  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6040    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6041    THEN "RM◇"]
6042private lemmas eqnotnec_123_Aux_ξ' =
6043  eqnotnec_123_Aux_θ[
6044    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6045    THEN "RM◇"]
6046
6047AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6048proof-
6049  AOT_obtain p1 where ContingentlyTrue(p1)
6050    using "cont-tf-thm:1" "∃E"[rotated] by blast
6051  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6052  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6053    apply - apply (rule "&I")
6054    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6055          eqnotnec_123_Aux_ξ "→E" by fast+
6056  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6057    by (rule "∃I") "cqt:2[lambda]"
6058  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6059    apply (rule "∃I")
6060    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6061qed
6062
6063AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6064proof-
6065  AOT_obtain p1 where ContingentlyFalse(p1)
6066    using "cont-tf-thm:2" "∃E"[rotated] by blast
6067  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6068  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6069    apply - apply (rule "&I")
6070    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6071                             THEN "≡E"(1)]
6072          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6073  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6074    by (rule "∃I") "cqt:2[lambda]"
6075  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6076    apply (rule "∃I")
6077    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6078qed
6079
6080AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6081proof-
6082  AOT_have ¬𝒜q0
6083    apply (rule "=dfI"(2)[OF q0_def])
6084     apply (fact "log-prop-prop:2")
6085    by (fact AOT)
6086  AOT_hence 𝒜¬q0
6087    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6088  AOT_hence 𝒜¬x ([L]x  z q0]x)
6089    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6090            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6091            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6092  moreover AOT_have x ([L]x  z q0]x)
6093    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6094  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6095    using "&I" by blast
6096  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6097    by (rule "∃I") "cqt:2[lambda]"
6098  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6099    apply (rule "∃I")
6100    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6101qed
6102
6103end
6104
6105AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6106proof(rule GEN)
6107  fix F
6108  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6109  proof(rule "→I"; rule GEN)
6110    AOT_modally_strict {
6111    fix x
6112    AOT_assume 0: ψ
6113    AOT_have z [F]z & ψ]x  [F]x & ψ
6114      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6115    also AOT_have ...  [F]x
6116      apply (rule "≡I"; rule "→I")
6117      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6118      apply blast
6119      using 0 "&I" by blast
6120    finally AOT_show [F]x  z [F]z & ψ]x
6121      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6122    }
6123  qed
6124
6125  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6126  proof (rule "→I"; rule GEN)
6127    AOT_modally_strict {
6128      fix x
6129      AOT_assume 0: ψ
6130      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6131        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6132      also AOT_have ...  [F]x
6133        apply (rule "≡I"; rule "→I")
6134        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6135              "&E"
6136         apply blast
6137        apply (rule "∨I"(1)) using 0 "&I" by blast
6138      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6139        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6140    }
6141  qed
6142
6143  AOT_have Aux_C:
6144     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6145  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6146  AOT_modally_strict {
6147      AOT_assume 0: ¬ψ
6148      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6149      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6150        using "∀E" by blast
6151      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6152          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6153      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6154        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6155      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6156        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6157      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6158      ultimately AOT_have ψ using "≡E" "&E" by metis
6159      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6160    }
6161  qed
6162
6163  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6164      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6165       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6166  proof (rule "→I")
6167    AOT_assume A: z([F]z  z [F]z & ψ]z)
6168    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6169              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6170    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6171          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6172          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6173      AOT_modally_strict {
6174        AOT_assume z ([F]z  z [F]z & ψ]z)
6175        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6176          using "∀E" by blast
6177        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6178        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6179          using "∀E" by blast
6180        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6181          using "≡E" 1 2 by meson
6182        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6183          by (rule GEN)
6184      }
6185    next
6186      AOT_modally_strict {
6187        AOT_assume z ([F]z  z [F]z & ψ]z)
6188        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6189          using "∀E" by blast
6190        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6191        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6192          using "∀E" by blast
6193        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6194          using 1 2 "≡E" by meson
6195        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6196          by (rule GEN)
6197      }
6198    qed(auto simp: A)
6199  qed
6200
6201  AOT_obtain p1 where p1_prop: p1 & ¬p1
6202    using "cont-tf-thm:1" "∃E"[rotated]
6203          "cont-tf:1"[THEN "≡dfE"] by blast
6204  {
6205    AOT_assume 1: x([F]x  z [F]z & p1]x)
6206    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6207      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6208    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6209      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6210    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6211      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6212    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6213               ¬x([F]x  z [F]z & p1  ¬p1]x)
6214      using 2 "&I" by blast
6215    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6216      by (rule "∃I"(1)) "cqt:2[lambda]"
6217  }
6218  moreover {
6219    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6220    AOT_hence ¬x([F]x  z [F]z & p1]x)
6221      using "KBasic:11"[THEN "≡E"(1)] by blast
6222    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6223      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6224    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6225      by (rule "∃I"(1)) "cqt:2[lambda]"
6226  }
6227  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6228    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6229qed
6230
6231AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6232proof(rule GEN)
6233  fix F
6234  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6235  proof(rule "RM◇"; rule "→I"; rule GEN)
6236    AOT_modally_strict {
6237    fix x
6238    AOT_assume 0: ψ
6239    AOT_have z [F]z & ψ]x  [F]x & ψ
6240      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6241    also AOT_have ...  [F]x
6242      apply (rule "≡I"; rule "→I")
6243      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6244       apply blast
6245      using 0 "&I" by blast
6246    finally AOT_show [F]x  z [F]z & ψ]x
6247      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6248    }
6249  qed
6250
6251  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6252  proof (rule "RM◇"; rule "→I"; rule GEN)
6253    AOT_modally_strict {
6254      fix x
6255      AOT_assume 0: ψ
6256      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6257        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6258      also AOT_have ...  [F]x
6259        apply (rule "≡I"; rule "→I")
6260        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6261         apply blast
6262        apply (rule "∨I"(1)) using 0 "&I" by blast
6263      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6264        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6265    }
6266  qed
6267
6268  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6269  proof(rule "→I"; rule "raa-cor:2")
6270  AOT_modally_strict {
6271      AOT_assume 0: ¬ψ
6272      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6273      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6274        using "∀E" by blast
6275      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6276          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6277      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6278        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6279      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6280        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6281      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6282        using 0 "∨I" by blast
6283      ultimately AOT_have ψ using "≡E" "&E" by metis
6284      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6285    }
6286  qed
6287
6288  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6289    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6290     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6291  proof (rule "→I"; rule "≡I";
6292         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6293    AOT_modally_strict {
6294      AOT_assume z ([F]z  z [F]z & ψ]z)
6295      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6296        using "∀E" by blast
6297      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6298      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6299        using "∀E" by blast
6300      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6301        using "≡E" 1 2 by meson
6302      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6303        by (rule GEN)
6304    }
6305  next
6306    AOT_modally_strict {
6307      AOT_assume z ([F]z  z [F]z & ψ]z)
6308      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6309        using "∀E" by blast
6310      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6311      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6312        using "∀E" by blast
6313      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6314        using 1 2 "≡E" by meson
6315      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6316        by (rule GEN)
6317    }
6318  qed
6319
6320  AOT_obtain p1 where p1_prop: ¬p1 & p1
6321    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6322  {
6323    AOT_assume 1: x([F]x  z [F]z & p1]x)
6324    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6325      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6326    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6327      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6328    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6329      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6330    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6331               x([F]x  z [F]z & p1  ¬p1]x)
6332      using 2 "&I" by blast
6333    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6334      by (rule "∃I"(1)) "cqt:2[lambda]"
6335  }
6336  moreover {
6337    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6338    AOT_hence ¬x([F]x  z [F]z & p1]x)
6339      using "KBasic:11"[THEN "≡E"(1)] by blast
6340    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6341               x([F]x  z [F]z & p1]x)
6342      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6343    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6344      by (rule "∃I"(1)) "cqt:2[lambda]"
6345  }
6346  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6347    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6348qed
6349
6350AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6351proof(rule GEN)
6352  fix F
6353  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6354  proof(rule "RM◇"; rule "→I"; rule GEN)
6355    AOT_modally_strict {
6356    fix x
6357    AOT_assume 0: ψ
6358    AOT_have z [F]z & ψ]x  [F]x & ψ
6359      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6360    also AOT_have ...  [F]x
6361      apply (rule "≡I"; rule "→I")
6362      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6363            "&E"
6364       apply blast
6365      using 0 "&I" by blast
6366    finally AOT_show [F]x  z [F]z & ψ]x
6367      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6368    }
6369  qed
6370
6371  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6372  proof (rule "RM◇"; rule "→I"; rule GEN)
6373    AOT_modally_strict {
6374      fix x
6375      AOT_assume 0: ψ
6376      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6377        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6378      also AOT_have ...  [F]x
6379        apply (rule "≡I"; rule "→I")
6380        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6381         apply blast
6382        apply (rule "∨I"(1)) using 0 "&I" by blast
6383      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6384        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6385    }
6386  qed
6387
6388  AOT_have Aux_C:
6389     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6390  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6391  AOT_modally_strict {
6392      AOT_assume 0: ¬ψ
6393      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6394      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6395        using "∀E" by blast
6396      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6397          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6398      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6399        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6400      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6401        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6402      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6403        using 0 "∨I" by blast
6404      ultimately AOT_have ψ using "≡E" "&E" by metis
6405      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6406    }
6407  qed
6408
6409  AOT_have (z ([F]z  z [F]z & ψ]z) 
6410    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6411     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6412  proof (rule RN; rule "→I")
6413    AOT_modally_strict {
6414        AOT_assume z ([F]z  z [F]z & ψ]z)
6415        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6416                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6417          apply -
6418        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6419          AOT_assume z ([F]z  z [F]z & ψ]z)
6420          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6421            using "∀E" by blast
6422          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6423          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6424            using "∀E" by blast
6425          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6426            using "≡E" 1 2 by meson
6427          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6428            by (rule GEN)
6429        next
6430            AOT_assume z ([F]z  z [F]z & ψ]z)
6431            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6432              using "∀E" by blast
6433            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6434            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6435              using "∀E" by blast
6436            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6437              using 1 2 "≡E" by meson
6438            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6439              by (rule GEN)
6440        qed
6441    }
6442  qed
6443  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6444    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6445     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6446    using "nec-imp-act"[THEN "→E"] by blast
6447  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6448    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6449    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6450    using "act-cond"[THEN "→E"] by blast
6451  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6452    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6453     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6454    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6455
6456  AOT_have ¬𝒜q0
6457    apply (rule "=dfI"(2)[OF q0_def])
6458     apply (fact "log-prop-prop:2")
6459    by (fact AOT)
6460  AOT_hence q0_prop_1: 𝒜¬q0
6461    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6462  {
6463    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6464    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6465      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6466    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6467      using Aux_C[THEN "→E", OF q0_prop_1].
6468    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6469      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6470    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6471               x([F]x  z [F]z & q0  ¬q0]x)
6472      using 2 "&I" by blast
6473    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6474      by (rule "∃I"(1)) "cqt:2[lambda]"
6475  }
6476  moreover {
6477    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6478    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6479      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6480    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6481      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6482    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6483      by (rule "∃I"(1)) "cqt:2[lambda]"
6484  }
6485  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6486    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6487qed
6488
6489AOT_theorem "oa-contingent:1": O!  A!
6490proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6491  fix x
6492  AOT_assume 1: O! = A!
6493  AOT_hence x E!x] = A!
6494    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6495  AOT_hence x E!x] = x ¬E!x]
6496    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6497  moreover AOT_have x E!x]x  E!x
6498    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6499  ultimately AOT_have x ¬E!x]x  E!x
6500    using "rule=E" by fast
6501  moreover AOT_have x ¬E!x]x  ¬E!x
6502    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6503  ultimately AOT_have E!x  ¬E!x
6504    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6505  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6506    using "oth-class-taut:3:c" "&I" by blast
6507qed
6508
6509AOT_theorem "oa-contingent:2": O!x  ¬A!x
6510proof -
6511  AOT_have O!x  x E!x]x
6512    apply (rule "≡I"; rule "→I")
6513     apply (rule "=dfE"(2)[OF AOT_ordinary])
6514      apply "cqt:2[lambda]"
6515     apply argo
6516    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6517     apply "cqt:2[lambda]"
6518    by argo
6519  also AOT_have   E!x
6520    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6521  also AOT_have   ¬¬E!x
6522    using "oth-class-taut:3:b".
6523  also AOT_have   ¬x ¬E!x]x
6524    by (rule "beta-C-meta"[THEN "→E",
6525              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6526       "cqt:2"
6527  also AOT_have   ¬A!x
6528    apply (rule "≡I"; rule "→I")
6529     apply (rule "=dfI"(2)[OF AOT_abstract])
6530      apply "cqt:2[lambda]"
6531     apply argo
6532    apply (rule "=dfE"(2)[OF AOT_abstract])
6533     apply "cqt:2[lambda]"
6534    by argo
6535  finally show ?thesis.
6536qed
6537
6538AOT_theorem "oa-contingent:3": A!x  ¬O!x
6539  by (AOT_subst A!x ¬¬A!x)
6540     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6541         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6542
6543AOT_theorem "oa-contingent:4": Contingent(O!)
6544proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6545       rule "&I")
6546  AOT_have x E!x using "thm-cont-e:3" .
6547  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6548  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6549  AOT_hence x E!x]a
6550    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6551  AOT_hence O!a
6552    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6553  AOT_hence x O!x using "∃I" by blast
6554  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6555next
6556  AOT_obtain a where A!a
6557    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6558  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6559  AOT_hence x ¬O!x using "∃I" by fast
6560  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6561qed
6562
6563AOT_theorem "oa-contingent:5": Contingent(A!)
6564proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6565       rule "&I")
6566  AOT_obtain a where A!a
6567    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6568  AOT_hence x A!x using "∃I" by fast
6569  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6570next
6571  AOT_have x E!x using "thm-cont-e:3" .
6572  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6573  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6574  AOT_hence x E!x]a
6575    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6576  AOT_hence O!a
6577    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6578  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6579  AOT_hence x ¬A!x using "∃I" by fast
6580  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6581qed
6582
6583AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6584proof -
6585  AOT_have O!x  ¬A!x
6586    using "oa-contingent:2" by blast
6587  also AOT_have   A!-x
6588    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6589  finally AOT_have 1: O!x  A!-x.
6590
6591  AOT_have A!x  ¬O!x
6592    using "oa-contingent:3" by blast
6593  also AOT_have   O!-x
6594    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6595  finally AOT_have 2: A!x  O!-x.
6596
6597  AOT_show O!-x  ¬A!-x
6598    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6599          "oa-contingent:3"[of _ x] 2[symmetric]
6600          "≡E"(5) by blast
6601qed
6602
6603AOT_theorem "oa-contingent:6": O!-  A!-
6604proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6605  AOT_assume 1: O!- = A!-
6606  fix x
6607  AOT_have A!-x  O!-x
6608    apply (rule "rule=E"[rotated, OF 1])
6609    by (fact "oth-class-taut:3:a")
6610  AOT_hence A!-x  ¬A!-x
6611    using "oa-contingent:7" "≡E" by fast
6612  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6613    using "oth-class-taut:3:c" "&I" by blast
6614qed
6615
6616AOT_theorem "oa-contingent:8": Contingent(O!-)
6617  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6618          OF "oa-contingent:4"].
6619
6620AOT_theorem "oa-contingent:9": Contingent(A!-)
6621  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6622          OF "oa-contingent:5"].
6623
6624AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6625  "df-cont-nec":
6626  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6627
6628AOT_theorem "cont-nec-fact1:1":
6629  WeaklyContingent([F])  WeaklyContingent([F]-)
6630proof -
6631  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6632    using "df-cont-nec"[THEN "≡Df"] by blast
6633  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6634    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6635    using "thm-cont-prop:3".
6636  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6637  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6638         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6639    fix x
6640    AOT_assume 0: x ([F]x  [F]x)
6641    AOT_assume 1: [F]-x
6642    AOT_have ¬[F]x
6643      by (AOT_subst (reverse) ¬[F]x [F]-x)
6644         (auto simp add: "thm-relation-negation:1" 1)
6645    AOT_hence 2: ¬[F]x
6646      using "KBasic:11"[THEN "≡E"(2)] by blast
6647    AOT_show [F]-x
6648    proof (rule "raa-cor:1")
6649      AOT_assume 3: ¬[F]-x
6650      AOT_have ¬¬[F]x
6651        by (AOT_subst (reverse) ¬[F]x [F]-x)
6652           (auto simp add: "thm-relation-negation:1" 3)
6653      AOT_hence [F]x
6654        using "conventions:5"[THEN "≡dfI"] by simp
6655      AOT_hence [F]x using 0 "∀E" "→E" by fast
6656      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6657    qed
6658  next
6659    fix x
6660    AOT_assume 0: x ([F]-x  [F]-x)
6661    AOT_assume 1: [F]x
6662    AOT_have ¬[F]-x
6663      by (AOT_subst ¬[F]-x [F]x)
6664         (auto simp: "thm-relation-negation:2" 1)
6665    AOT_hence 2: ¬[F]-x
6666      using "KBasic:11"[THEN "≡E"(2)] by blast
6667    AOT_show [F]x
6668    proof (rule "raa-cor:1")
6669      AOT_assume 3: ¬[F]x
6670      AOT_have ¬¬[F]-x
6671        by (AOT_subst ¬[F]-x [F]x)
6672           (auto simp add: "thm-relation-negation:2" 3)
6673      AOT_hence [F]-x
6674        using "conventions:5"[THEN "≡dfI"] by simp
6675      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6676      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6677    qed
6678  qed
6679  also AOT_have   WeaklyContingent([F]-)
6680    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6681  finally show ?thesis.
6682qed
6683
6684AOT_theorem "cont-nec-fact1:2":
6685  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6686proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6687  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6688  AOT_hence WeaklyContingent([F]) using "&E" by blast
6689  moreover AOT_assume F = G
6690  ultimately AOT_have WeaklyContingent([G])
6691    using "rule=E" by blast
6692  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6693    using 1 "&I" "&E" by blast
6694qed
6695
6696AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6697proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6698  AOT_show Contingent(O!)
6699    using "oa-contingent:4".
6700next
6701  AOT_show x ([O!]x  [O!]x)
6702    apply (rule GEN; rule "→I")
6703    using "oa-facts:5"[THEN "≡E"(1)] by blast
6704qed
6705
6706
6707AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6708proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6709  AOT_show Contingent(A!)
6710    using "oa-contingent:5".
6711next
6712  AOT_show x ([A!]x  [A!]x)
6713    apply (rule GEN; rule "→I")
6714    using "oa-facts:6"[THEN "≡E"(1)] by blast
6715qed
6716
6717AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6718proof (rule "df-cont-nec"[THEN "≡Df",
6719                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6720                          THEN "≡E"(2)];
6721       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6722  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6723  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6724  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6725  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6726  moreover AOT_assume x ([E!]x  [E!]x)
6727  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6728  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6729  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6730  moreover AOT_have ¬𝒜E!a
6731    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6732  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6733  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6734qed
6735
6736AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6737  apply (rule "df-cont-nec"[THEN "≡Df",
6738                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6739                            THEN "≡E"(2)];
6740       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6741  apply (rule "contingent-properties:4"
6742                [THEN "≡Df",
6743                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6744                 THEN "≡E"(2)])
6745  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6746         rule "∨I"(2);
6747         rule "useful-tautologies:2"[THEN "→E"])
6748  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6749
6750(* TODO: cleanup *)
6751AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6752proof -
6753  AOT_have 1: L
6754    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6755  {
6756    fix φ and Π Π' :: <κ>
6757    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6758    proof (rule "raa-cor:2")
6759      AOT_assume φ{Π'}  φ{Π}
6760      AOT_hence φ{Π'} using that(1) "≡E" by blast
6761      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6762    qed
6763    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6764      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6765                                 OF that(1,2), OF A[OF that(3, 4)]].
6766  } note 0 = this
6767  show ?thesis
6768    apply(safe intro!: "&I"; rule 0)
6769    using "cqt:2[concrete]"[axiom_inst] apply blast
6770    using "oa-exist:1" apply blast
6771    using "cont-nec-fact2:3" apply fast
6772    apply (rule "useful-tautologies:2"[THEN "→E"])
6773    using "cont-nec-fact2:1" apply fast
6774    using "rel-neg-T:3" apply fast
6775    using "oa-exist:1" apply blast
6776    using "cont-nec-fact1:1"[unvarify F,
6777            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6778            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6779            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6780    apply (rule "useful-tautologies:2"[THEN "→E"])
6781    using "cont-nec-fact2:1" apply blast
6782    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6783    using "oa-exist:1" apply fast
6784    using "cont-nec-fact2:4" apply fast
6785    apply (rule "useful-tautologies:2"[THEN "→E"])
6786    using "cont-nec-fact2:1" apply fast
6787    using "rel-neg-T:3" apply fast
6788    using "oa-exist:1" apply fast
6789     apply (rule "cont-nec-fact1:1"[unvarify F,
6790                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6791                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6792    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6793    apply (rule "useful-tautologies:2"[THEN "→E"])
6794    using "cont-nec-fact2:1" by blast
6795qed
6796
6797(* TODO: cleanup together with above *)
6798AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6799proof -
6800  AOT_have 1: L
6801    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6802  {
6803    fix φ and Π Π' :: <κ>
6804    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6805    proof (rule "raa-cor:2")
6806      AOT_assume φ{Π'}  φ{Π}
6807      AOT_hence φ{Π'} using that(1) "≡E" by blast
6808      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6809    qed
6810    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6811      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6812              OF that(1,2), OF A[OF that(3, 4)]].
6813  } note 0 = this
6814  show ?thesis
6815    apply(safe intro!: "&I"; rule 0)
6816    using "cqt:2[concrete]"[axiom_inst] apply blast
6817    using "oa-exist:2" apply blast
6818    using "cont-nec-fact2:3" apply fast
6819    apply (rule "useful-tautologies:2"[THEN "→E"])
6820    using "cont-nec-fact2:2" apply fast
6821    using "rel-neg-T:3" apply fast
6822    using "oa-exist:2" apply blast
6823    using "cont-nec-fact1:1"[unvarify F,
6824            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6825            rotated, OF "cont-nec-fact2:3",
6826            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6827    apply (rule "useful-tautologies:2"[THEN "→E"])
6828    using "cont-nec-fact2:2" apply blast
6829    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6830    using "oa-exist:2" apply fast
6831    using "cont-nec-fact2:4" apply fast
6832    apply (rule "useful-tautologies:2"[THEN "→E"])
6833    using "cont-nec-fact2:2" apply fast
6834    using "rel-neg-T:3" apply fast
6835    using "oa-exist:2" apply fast
6836     apply (rule "cont-nec-fact1:1"[unvarify F,
6837              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6838              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6839     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6840    apply (rule "useful-tautologies:2"[THEN "→E"])
6841    using "cont-nec-fact2:2" by blast
6842qed
6843
6844AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6845  Δp df p  (¬𝒜p & p)
6846
6847AOT_theorem sixteen:
6848 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6849  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6850    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6851    F1  F14 & F1  F15 & F1  F16 &
6852  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6853    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6854    F2  F15 & F2  F16 &
6855  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6856    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6857  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6858    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6859  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6860    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6861  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6862    F6  F14 & F6  F15 & F6  F16 &
6863  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6864    F7  F15 & F7  F16 &
6865  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6866    F8  F16 &
6867  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6868  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6869  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6870  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6871  F13  F14 & F13  F15 & F13  F16 &
6872  F14  F15 & F14  F16 &
6873  F15  F16) 
6874proof -
6875  AOT_have Delta_pos: Δφ  φ for φ
6876  proof(rule "→I")
6877    AOT_assume Δφ
6878    AOT_hence φ  (¬𝒜φ & φ)
6879      using "≡dfE"[OF necessary_or_contingently_false] by blast
6880    moreover {
6881      AOT_assume φ
6882      AOT_hence φ
6883        by (metis "B◇" "T◇" "vdash-properties:10")
6884    }
6885    moreover {
6886      AOT_assume ¬𝒜φ & φ
6887      AOT_hence φ
6888        using "&E" by blast
6889    }
6890    ultimately AOT_show φ
6891      by (metis "∨E"(2) "raa-cor:1") 
6892  qed
6893
6894  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6895    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6896          "raa-cor:3" that(1,2) by blast
6897  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6898    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6899  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6900    using Delta_pos "modus-tollens:1" that by blast
6901  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6902    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6903  AOT_have nec_delta: Δφ if φ for φ
6904    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6905
6906  AOT_obtain a where a_prop: A!a
6907    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6908  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6909    using "pos-not-pna:3" using "∃E"[rotated] by blast
6910
6911  AOT_have b_ord: [O!]b
6912  proof(rule "=dfI"(2)[OF AOT_ordinary])
6913    AOT_show x [E!]x] by "cqt:2[lambda]"
6914  next
6915    AOT_show x [E!]x]b
6916    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6917      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6918      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
6919    qed
6920  qed
6921
6922  AOT_have nec_not_L_neg: ¬[L-]x for x
6923    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
6924          CBF[THEN "→E"] "∀E" by blast
6925  AOT_have nec_L: [L]x for x
6926    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
6927      CBF[THEN "→E"] "∀E" by blast
6928
6929  AOT_have act_ord_b: 𝒜[O!]b
6930    using b_ord "≡E"(1) "oa-facts:7" by blast
6931  AOT_have delta_ord_b: Δ[O!]b
6932    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
6933              "oa-facts:1" "→E")
6934  AOT_have not_act_ord_a: ¬𝒜[O!]a
6935    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
6936  AOT_have not_delta_ord_a: ¬Δ[O!]a
6937    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
6938              "reductio-aa:1" "→E")
6939
6940  AOT_have not_act_abs_b: ¬𝒜[A!]b
6941    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
6942  AOT_have not_delta_abs_b: ¬Δ[A!]b
6943  proof(rule "raa-cor:2")
6944    AOT_assume Δ[A!]b
6945    AOT_hence [A!]b
6946      by (metis Delta_pos "vdash-properties:10")
6947    AOT_thus [A!]b & ¬[A!]b
6948      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
6949                "oa-facts:4" "→E")
6950  qed
6951  AOT_have act_abs_a: 𝒜[A!]a
6952    using a_prop "≡E"(1) "oa-facts:8" by blast
6953  AOT_have delta_abs_a: Δ[A!]a
6954    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
6955              necessary_or_contingently_false)
6956
6957  AOT_have not_act_concrete_b: ¬𝒜[E!]b
6958    using b_prop "&E"(2) by blast
6959  AOT_have delta_concrete_b: Δ[E!]b
6960  proof (rule "≡dfI"[OF necessary_or_contingently_false];
6961         rule "∨I"(2); rule "&I")
6962    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
6963  next
6964    AOT_show [E!]b using b_prop "&E"(1) by blast
6965  qed
6966  AOT_have not_act_concrete_a: ¬𝒜[E!]a
6967  proof (rule "raa-cor:2")
6968    AOT_assume 𝒜[E!]a
6969    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
6970    AOT_have [A!]a by (simp add: a_prop)
6971    AOT_hence x ¬[E!]x]a
6972      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
6973    AOT_hence ¬[E!]a using "β→C"(1) by blast
6974    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6975  qed
6976  AOT_have not_delta_concrete_a: ¬Δ[E!]a
6977  proof (rule "raa-cor:2")
6978    AOT_assume Δ[E!]a
6979    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
6980    AOT_have [A!]a by (simp add: a_prop)
6981    AOT_hence x ¬[E!]x]a
6982      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6983    AOT_hence ¬[E!]a using "β→C"(1) by blast
6984    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6985  qed
6986
6987  AOT_have not_act_q_zero: ¬𝒜q0
6988    by (meson "log-prop-prop:2" "pos-not-pna:1"
6989              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
6990  AOT_have delta_q_zero: Δq0
6991  proof(rule "≡dfI"[OF necessary_or_contingently_false];
6992        rule "∨I"(2); rule "&I")
6993    AOT_show ¬𝒜q0 using not_act_q_zero.
6994    AOT_show q0 by (meson "&E"(1) q0_prop)
6995  qed
6996  AOT_have act_not_q_zero: 𝒜¬q0
6997    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
6998  AOT_have not_delta_not_q_zero: ¬Δ¬q0
6999    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7000          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
7001
7002  AOT_have [L-] by (simp add: "rel-neg-T:3")
7003  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
7004  proof (safe intro!: "&I")
7005    AOT_show ¬𝒜[L-]b
7006      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
7007                nec_not_L_neg "→E")
7008    AOT_show ¬Δ[L-]b
7009      by (meson Delta_pos "KBasic2:1" "≡E"(1)
7010                "modus-tollens:1" nec_not_L_neg)
7011    AOT_show ¬𝒜[L-]a
7012      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
7013                "nec-imp-act" nec_not_L_neg "→E")
7014    AOT_show ¬Δ[L-]a
7015      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
7016            nec_not_L_neg by blast
7017  qed
7018  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
7019    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7020  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
7021    using "&E" by blast+
7022  note props = this
7023
7024  let  = "«y [A!]y & q0]»"
7025  AOT_modally_strict {
7026    AOT_have [«»] by "cqt:2[lambda]"
7027  } note 1 = this
7028  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7029  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
7030    AOT_show ¬𝒜([A!]b & q0)
7031      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7032  next AOT_show ¬Δ([A!]b & q0)
7033      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7034                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7035  next AOT_show ¬𝒜([A!]a & q0)
7036      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7037            "raa-cor:3" by blast
7038  next AOT_show Δ([A!]a & q0)
7039    proof (rule not_act_and_pos_delta)
7040      AOT_show ¬𝒜([A!]a & q0)
7041        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7042              "raa-cor:3" by blast
7043    next AOT_show ([A!]a & q0)
7044        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7045                  "≡E"(1) "oa-facts:6" q0_prop)
7046    qed
7047  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7048  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7049    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7050  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7051    using "&E" by blast+
7052  note props = props this
7053
7054  let  = "«y [A!]y & ¬q0]»"
7055  AOT_modally_strict {
7056    AOT_have [«»] by "cqt:2[lambda]"
7057  } note 1 = this
7058  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7059  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7060    AOT_show ¬𝒜([A!]b & ¬q0)
7061      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7062  next AOT_show ¬Δ([A!]b & ¬q0)
7063      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7064                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7065  next AOT_show 𝒜([A!]a & ¬q0)
7066      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7067                "≡E"(3) not_act_q_zero "raa-cor:3")
7068  next AOT_show ¬Δ([A!]a & ¬q0)
7069    proof (rule act_and_not_nec_not_delta)
7070      AOT_show 𝒜([A!]a & ¬q0)
7071        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7072                  "≡E"(3) not_act_q_zero "raa-cor:3")
7073    next
7074      AOT_show ¬([A!]a & ¬q0)
7075        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7076                  q0_prop "raa-cor:3")
7077    qed
7078  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7079  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7080    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7081  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7082    using "&E" by blast+
7083  note props = props this
7084
7085  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7086    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7087    by presburger
7088  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7089    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7090  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7091    using "&E" by blast+
7092  note props = props this
7093
7094  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7095    by (meson "&I" delta_concrete_b not_act_concrete_a
7096              not_act_concrete_b not_delta_concrete_a)
7097  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7098    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7099    by fastforce
7100  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7101    using "&E" by blast+
7102  note props = props this
7103
7104  AOT_modally_strict {
7105    AOT_have y q0] by "cqt:2[lambda]"
7106  } note 1 = this
7107  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7108    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7109       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7110  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7111    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7112    by fastforce
7113  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7114    using "&E" by blast+
7115  note props = props this
7116
7117  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7118  AOT_modally_strict {
7119    AOT_have [«»] by "cqt:2[lambda]"
7120  } note 1 = this
7121  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7122  proof(safe intro!: "&I";
7123        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7124    AOT_have 𝒜¬([A!]b & ¬q0)
7125      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7126                "≡E"(1) "raa-cor:3")
7127    moreover AOT_have ¬𝒜[E!]b
7128      using b_prop "&E"(2) by blast
7129    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7130      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7131    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7132      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7133         (auto simp: "oth-class-taut:5:d" 2)
7134    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7135      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7136  next
7137    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7138    proof (rule not_act_and_pos_delta)
7139      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7140        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7141                  "Conjunction Simplification"(1) "≡E"(4)
7142                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7143    next
7144      AOT_show ([E!]b  ([A!]b & ¬q0))
7145        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7146    qed
7147  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7148      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7149                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7150  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7151    proof (rule act_and_not_nec_not_delta)
7152      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7153        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7154                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7155    next
7156      AOT_have ¬[E!]a
7157        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7158                  necessary_or_contingently_false
7159                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7160      moreover AOT_have ¬([A!]a & ¬q0)
7161        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7162                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7163      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7164        by (metis "KBasic:16" "&I" "vdash-properties:10")
7165      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7166        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7167      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7168        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7169    qed
7170  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7171  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7172    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7173  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7174    using "&E" by blast+
7175  note props = props this
7176
7177  let  = "«y [A!]y  [E!]y]»"
7178  AOT_modally_strict {
7179    AOT_have [«»] by "cqt:2[lambda]"
7180  } note 1 = this
7181  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7182  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7183    AOT_show ¬𝒜([A!]b  [E!]b)
7184      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7185            not_act_concrete_b "raa-cor:3" by blast
7186  next AOT_show Δ([A!]b  [E!]b)
7187    proof (rule not_act_and_pos_delta)
7188      AOT_show ¬𝒜([A!]b  [E!]b)
7189        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7190              not_act_concrete_b "raa-cor:3" by blast
7191    next AOT_show ([A!]b  [E!]b)
7192        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7193    qed
7194  next AOT_show 𝒜([A!]a  [E!]a)
7195      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7196  next AOT_show Δ([A!]a  [E!]a)
7197    proof (rule nec_delta)
7198      AOT_show ([A!]a  [E!]a)
7199        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7200                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7201    qed
7202  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7203  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7204    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7205  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7206    using "&E" by blast+
7207  note props = props this
7208
7209  let  = "«y [O!]y & ¬[E!]y]»"
7210  AOT_modally_strict {
7211    AOT_have [«»] by "cqt:2[lambda]"
7212  } note 1 = this
7213  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7214  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7215    AOT_show 𝒜([O!]b & ¬[E!]b)
7216      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7217                "≡E"(3) not_act_concrete_b "raa-cor:3")
7218  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7219      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7220                act_and_not_nec_not_delta "act-conj-act:3"
7221                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7222                "df-rules-formulas[3]"
7223                "≡E"(3) "raa-cor:1" "→E")
7224  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7225      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7226  next AOT_have ¬([O!]a & ¬[E!]a)
7227      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7228                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7229    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7230      by (rule impossible_delta)
7231  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7232  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7233    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7234  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7235    using "&E" by blast+
7236  note props = props this
7237
7238  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7239  AOT_modally_strict {
7240    AOT_have [«»] by "cqt:2[lambda]"
7241  } note 1 = this
7242  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7243  proof(safe intro!: "&I";
7244        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7245    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7246      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7247                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7248  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7249    proof (rule act_and_pos_not_not_delta)
7250      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7251        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7252                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7253    next
7254      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7255      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7256        AOT_modally_strict {
7257          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7258            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7259                      "→I" "≡I" "reductio-aa:1")
7260        }
7261      next
7262        AOT_show ([E!]b  ¬([O!]b  q0))
7263          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7264                "raa-cor:3" by blast
7265       qed
7266     qed
7267   next
7268     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7269       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7270             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7271   next
7272     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7273     proof (rule not_act_and_pos_delta)
7274       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7275         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7276                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7277     next
7278       AOT_have ¬[E!]a
7279         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7280               not_delta_concrete_a "raa-cor:5" by blast
7281       moreover AOT_have ([O!]a  q0)
7282         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7283       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7284         by (metis "KBasic:16" "&I" "vdash-properties:10")
7285     qed
7286   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7287  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7288    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7289  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7290    using "&E" by blast+
7291  note props = props this
7292
7293  AOT_modally_strict {
7294    AOT_have y ¬q0] by "cqt:2[lambda]"
7295  } note 1 = this
7296  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7297    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7298       (auto simp: act_not_q_zero not_delta_not_q_zero
7299                   "beta-C-meta"[THEN "→E", OF 1])
7300  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7301    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7302  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7303    using "&E" by blast+
7304  note props = props this
7305
7306  AOT_modally_strict {
7307    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7308  } note 1 = this
7309  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7310                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7311  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7312    AOT_show 𝒜¬[E!]b
7313      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7314  next AOT_show ¬Δ¬[E!]b
7315      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7316            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7317  next AOT_show 𝒜¬[E!]a
7318      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7319  next AOT_show Δ¬[E!]a
7320      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7321            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7322      by blast
7323  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7324  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7325    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7326  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7327    using "&E" by blast+
7328  note props = props this
7329
7330  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7331    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7332  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7333    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7334  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7335    using "&E" by blast+
7336  note props = props this
7337
7338  let  = "«y [O!]y  q0]»"
7339  AOT_modally_strict {
7340    AOT_have [«»] by "cqt:2[lambda]"
7341  } note 1 = this
7342  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7343  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7344    AOT_show 𝒜([O!]b  q0)
7345      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7346  next AOT_show Δ([O!]b  q0)
7347      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7348  next AOT_show ¬𝒜([O!]a  q0)
7349      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7350            not_act_q_zero "raa-cor:3" by blast
7351  next AOT_show Δ([O!]a  q0)
7352    proof (rule not_act_and_pos_delta)
7353      AOT_show ¬𝒜([O!]a  q0)
7354        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7355              not_act_q_zero "raa-cor:3" by blast
7356    next AOT_show ([O!]a  q0)
7357        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7358    qed
7359  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7360  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7361    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7362  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7363    using "&E" by blast+
7364  note props = props this
7365
7366  let  = "«y [O!]y  ¬q0]»"
7367  AOT_modally_strict {
7368     AOT_have [«»] by "cqt:2[lambda]"
7369  } note 1 = this
7370  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7371  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7372    AOT_show 𝒜([O!]b  ¬q0)
7373      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7374  next AOT_show Δ([O!]b  ¬q0)
7375      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7376  next AOT_show 𝒜([O!]a  ¬q0)
7377      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7378  next AOT_show ¬Δ([O!]a  ¬q0)
7379    proof(rule act_and_pos_not_not_delta)
7380      AOT_show 𝒜([O!]a  ¬q0)
7381        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7382    next
7383      AOT_have ¬[O!]a
7384        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7385              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7386      moreover AOT_have q0
7387        by (meson "&E"(1) q0_prop)
7388      ultimately AOT_have 2: (¬[O!]a & q0)
7389         by (metis "KBasic:16" "&I" "vdash-properties:10")
7390      AOT_show ¬([O!]a  ¬q0)
7391      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7392        AOT_modally_strict {
7393          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7394            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7395                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7396        }
7397      next
7398        AOT_show (¬[O!]a & q0)
7399          using "2" by blast
7400      qed
7401    qed
7402  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7403  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7404    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7405  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7406    using "&E" by blast+
7407  note props = props this
7408
7409  AOT_have [L]
7410    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7411  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7412  proof (safe intro!: "&I")
7413    AOT_show 𝒜[L]b
7414      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7415    next AOT_show Δ[L]b using nec_L nec_delta by blast
7416    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7417    next AOT_show Δ[L]a using nec_L nec_delta by blast
7418  qed
7419  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7420    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7421  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7422    using "&E" by blast+
7423  note props = props this
7424
7425  show ?thesis
7426    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7427        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7428        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7429        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7430        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7431        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7432        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7433        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7434        safe intro!: "&I")
7435       (match conclusion in "[?v  [F]  [G]]" for F G  7436        match props in A: "[?v  ¬φ{F}]" for φ 7437        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7438        match props in B: "[?v  φ{G}]" 7439        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7440                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7441                                OF "Disjunction Addition"(2)[THEN "→E"],
7442                                OF "&I", OF A, OF B]››››)+
7443qed
7444
7445subsection‹The Theory of Objects›
7446text‹\label{PLM: 9.11}›
7447
7448AOT_theorem "o-objects-exist:1": x O!x
7449proof(rule RN)
7450  AOT_modally_strict {
7451    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7452      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7453      by blast
7454    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7455    AOT_have x [E!]x]a
7456    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7457      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7458    next
7459      AOT_show E!a by (fact 1)
7460    qed
7461    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7462    AOT_thus x [O!]x by (rule "∃I")
7463  }
7464qed
7465
7466AOT_theorem "o-objects-exist:2": x A!x
7467proof (rule RN)
7468  AOT_modally_strict {
7469    AOT_obtain a where [A!]a
7470      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7471    AOT_thus x A!x using "∃I" by blast
7472  }
7473qed
7474
7475AOT_theorem "o-objects-exist:3": ¬x O!x
7476  by (rule RN)
7477     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7478        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7479        "qml:2"[axiom_inst] "reductio-aa:2")
7480
7481AOT_theorem "o-objects-exist:4": ¬x A!x
7482  by (rule RN)
7483     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7484        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7485        "qml:2"[axiom_inst] "→E")
7486
7487AOT_theorem "o-objects-exist:5": ¬x E!x
7488proof (rule RN; rule "raa-cor:2")
7489  AOT_modally_strict {
7490    AOT_assume x E!x
7491    moreover AOT_obtain a where abs: A!a
7492      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7493            "∃E"[rotated] by blast
7494    ultimately AOT_have E!a using "∀E" by blast
7495    AOT_hence 1: E!a by (metis "T◇" "→E")
7496    AOT_have y E!y]a
7497    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7498      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7499    next
7500      AOT_show E!a by (fact 1)
7501    qed
7502    AOT_hence O!a
7503      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7504    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7505    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7506  }
7507qed
7508
7509AOT_theorem partition: ¬x (O!x & A!x)
7510proof(rule "raa-cor:2")
7511  AOT_assume x (O!x & A!x)
7512  then AOT_obtain a where O!a & A!a
7513    using "∃E"[rotated] by blast
7514  AOT_thus p & ¬p for p
7515    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7516              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7517qed
7518
7519AOT_define eq_E :: ‹Π› ("'(=E')")
7520  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7521
7522syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7523translations
7524  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7525(* TODO: try to replace by a simple translations pattern *)
7526print_translation7527AOT_syntax_print_translations
7528[(const_syntax‹AOT_exe›, fn ctxt => fn [
7529  Const ("constAOT_PLM.eq_E", _),
7530  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7531] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7532
7533text‹Note: Not explicitly mentioned as theorem in PLM.›
7534AOT_theorem "=E[denotes]": [(=E)]
7535  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7536
7537AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7538proof -
7539  (* TODO: rethink the product hacks *)
7540  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7541    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7542  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7543  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7544    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)", OF 0]
7545    by fast
7546qed
7547
7548AOT_theorem "=E-simple:2": x =E y  x = y
7549proof (rule "→I")
7550  AOT_assume x =E y
7551  AOT_hence O!x & O!y & F ([F]x  [F]y)
7552    using "=E-simple:1"[THEN "≡E"(1)] by blast
7553  AOT_thus x = y
7554    using "≡dfI"[OF "identity:1"] "∨I" by blast
7555qed
7556
7557AOT_theorem "id-nec3:1": x =E y  (x =E y)
7558proof (rule "≡I"; rule "→I")
7559  AOT_assume x =E y
7560  AOT_hence O!x & O!y & F ([F]x  [F]y)
7561    using "=E-simple:1" "≡E" by blast
7562  AOT_hence O!x & O!y & F ([F]x  [F]y)
7563    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7564              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7565  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7566    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7567  AOT_thus (x =E y)
7568    using "=E-simple:1"
7569    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7570next
7571  AOT_assume (x =E y)
7572  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7573qed
7574
7575AOT_theorem "id-nec3:2": (x =E y)  x =E y
7576  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7577
7578AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7579  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7580
7581syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7582translations
7583  (Π) "(≠E)" == (Π) "(=E)-"
7584syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7585translations
7586 "_AOT_non_eq_E_infix κ κ'" ==
7587 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7588(* TODO: try replacing be a simple translations pattern *)
7589print_translation7590AOT_syntax_print_translations
7591[(const_syntax‹AOT_exe›, fn ctxt => fn [
7592  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7593  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7594] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7595AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7596proof -
7597  (* TODO: try to avoid the product hacks *)
7598  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7599    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7600  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7601  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7602    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7603       (meson "oth-class-taut:3:a")
7604  also AOT_have   ¬(=E)xy
7605    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
7606     apply "cqt:2[lambda]"
7607    by (fact 0)
7608  finally show ?thesis.
7609qed
7610
7611AOT_theorem "id-nec4:1": x E y  (x E y)
7612proof -
7613  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7614  also AOT_have   ¬(x =E y)
7615    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7616  also AOT_have   ¬(x =E y)
7617    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7618  also AOT_have   (x E y)
7619    by (AOT_subst (reverse) ¬(x =E y) x E y)
7620       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7621  finally show ?thesis.
7622qed
7623
7624AOT_theorem "id-nec4:2": (x E y)  (x E y)
7625  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7626
7627AOT_theorem "id-nec4:3": (x E y)  (x E y)
7628  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7629
7630AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7631  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7632AOT_theorem "id-act2:2": x E y  𝒜x E y
7633  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7634
7635AOT_theorem "ord=Eequiv:1": O!x  x =E x
7636proof (rule "→I")
7637  AOT_assume 1: O!x
7638  AOT_show x =E x
7639    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7640    apply (rule "β←C"(1))
7641      apply "cqt:2[lambda]"
7642     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7643    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7644qed
7645
7646AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7647proof(rule CP)
7648  AOT_assume 1: x =E y
7649  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7650  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7651  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7652  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7653qed
7654
7655AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7656proof (rule CP)
7657  AOT_assume 1: x =E y & y =E z
7658  AOT_hence x = y & y = z
7659    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7660  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7661  moreover AOT_have x =E x
7662    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7663          "ord=Eequiv:1" "→E" by blast
7664  ultimately AOT_show x =E z
7665    using "rule=E" by fast
7666qed
7667
7668AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7669proof(rule CP)
7670  AOT_assume O!x  O!y
7671  moreover {
7672    AOT_assume O!x
7673    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7674    moreover {
7675      AOT_modally_strict {
7676        AOT_have O!x  (x = y  x =E y)
7677        proof (rule "→I"; rule "≡I"; rule "→I")
7678          AOT_assume O!x
7679          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7680          moreover AOT_assume x = y
7681          ultimately AOT_show x =E y using "rule=E" by fast
7682        next
7683          AOT_assume x =E y
7684          AOT_thus x = y by (metis "=E-simple:2" "→E")
7685        qed
7686      }
7687      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7688    }
7689    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7690  }
7691  moreover {
7692    AOT_assume O!y
7693    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7694    moreover {
7695      AOT_modally_strict {
7696        AOT_have O!y  (x = y  x =E y)
7697        proof (rule "→I"; rule "≡I"; rule "→I")
7698          AOT_assume O!y
7699          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7700          moreover AOT_assume x = y
7701          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7702        next
7703          AOT_assume x =E y
7704          AOT_thus x = y by (metis "=E-simple:2" "→E")
7705        qed
7706      }
7707      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7708    }
7709    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7710  }
7711  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7712qed
7713
7714AOT_theorem "ord-=E=:2": O!y  x x = y]
7715proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7716  AOT_show x x =E y] by "cqt:2[lambda]"
7717next
7718  AOT_assume O!y
7719  AOT_hence 1: (x = y  x =E y) for x
7720    using "ord-=E=:1" "→E" "∨I" by blast
7721  AOT_have (x =E y  x = y) for x
7722    by (AOT_subst x =E y  x = y x = y  x =E y)
7723       (auto simp add: "Commutativity of ≡" 1)
7724  AOT_hence x (x =E y  x = y) by (rule GEN)
7725  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7726qed
7727
7728
7729AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7730proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7731  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7732next
7733  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7734  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7735    AOT_modally_strict {
7736      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7737        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7738                  "modus-tollens:1" "raa-cor:1" that)
7739    }
7740  next
7741    AOT_modally_strict {
7742      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7743        apply(safe intro!: "&I")
7744          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7745         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7746        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7747              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7748        by fast
7749    }
7750  qed
7751qed
7752
7753AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7754proof(rule "→I")
7755  AOT_assume F ([F]x  [F]y)
7756  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7757  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7758    using "∀E" by blast
7759  moreover AOT_have x F ([F]x  [F]y)]y
7760    apply (rule "β←C"(1))
7761      apply "cqt:2[lambda]"
7762     apply (fact "cqt:2[const_var]"[axiom_inst])
7763    by (simp add: RN GEN "oth-class-taut:3:a")
7764  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7765  AOT_thus F ([F]x  [F]y)
7766    using "β→C"(1) by blast
7767qed
7768
7769AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7770proof (rule "→I"; rule "→I")
7771  AOT_assume F ([F]x  [F]y)
7772  AOT_hence F ([F]x  [F]y)
7773    using "ind-nec"[THEN "→E"] by blast
7774  moreover AOT_assume O!x & O!y
7775  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7776    using "&I" by blast
7777  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7778qed
7779
7780AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7781proof (rule "→I"; rule "→I")
7782  AOT_assume O!x & O!y
7783  moreover AOT_assume F ([F]x  [F]y)
7784  ultimately AOT_have x =E y
7785    using "ord=E:1" "→E" by blast
7786  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7787qed
7788
7789AOT_theorem "ord=E2:1":
7790  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7791proof (rule "→I"; rule "≡I"; rule "→I";
7792       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7793  AOT_assume 0: O!x & O!y
7794  AOT_assume x  y
7795  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7796  AOT_assume z z =E x] = z z =E y]
7797  moreover AOT_have z z =E x]x
7798    apply (rule "β←C"(1))
7799      apply "cqt:2[lambda]"
7800     apply (fact "cqt:2[const_var]"[axiom_inst])
7801    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7802  ultimately AOT_have z z =E y]x using "rule=E" by fast
7803  AOT_hence x =E y using "β→C"(1) by blast
7804  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7805  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7806next
7807  AOT_assume z z =E x]  z z =E y]
7808  AOT_hence 0: ¬(z z =E x] = z z =E y])
7809    using "≡dfE"[OF "=-infix"] by blast
7810  AOT_have z z =E x] by "cqt:2[lambda]"
7811  AOT_hence z z =E x] = z z =E x]
7812    by (metis "rule=I:1")
7813  moreover AOT_assume x = y
7814  ultimately AOT_have z z =E x] = z z =E y]
7815    using "rule=E" by fast
7816  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7817    using 0 "&I" by blast
7818qed
7819
7820AOT_theorem "ord=E2:2":
7821  (O!x & O!y)  (x  y  z z = x]  z z = y])
7822proof (rule "→I"; rule "≡I"; rule "→I";
7823       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7824  AOT_assume 0: O!x & O!y
7825  AOT_assume x  y
7826  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7827  AOT_assume z z = x] = z z = y]
7828  moreover AOT_have z z = x]x
7829    apply (rule "β←C"(1))
7830    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7831     apply (fact "cqt:2[const_var]"[axiom_inst])
7832    by (simp add: "id-eq:1")
7833  ultimately AOT_have z z = y]x using "rule=E" by fast
7834  AOT_hence x = y using "β→C"(1) by blast
7835  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7836next
7837  AOT_assume 0: O!x & O!y
7838  AOT_assume z z = x]  z z = y]
7839  AOT_hence 1: ¬(z z = x] = z z = y])
7840    using "≡dfE"[OF "=-infix"] by blast
7841  AOT_have z z = x]
7842    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7843  AOT_hence z z = x] = z z = x]
7844    by (metis "rule=I:1")
7845  moreover AOT_assume x = y
7846  ultimately AOT_have z z = x] = z z = y]
7847    using "rule=E" by fast
7848  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7849    using 1 "&I" by blast
7850qed
7851
7852AOT_theorem ordnecfail: O!x  ¬F x[F]
7853  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7854
7855AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7856proof (rule "→I"; rule "→I")
7857  AOT_assume 1: A!x & A!y
7858  AOT_assume F (x[F]  y[F])
7859  AOT_hence x[F]  y[F] for F using "∀E" by blast
7860  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7861  AOT_hence F (x[F]  y[F]) by (rule GEN)
7862  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7863  AOT_thus x = y
7864    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7865qed
7866
7867AOT_theorem "ab-obey:2":
7868  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7869proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7870  AOT_assume 1: x = y
7871  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7872  moreover {
7873    AOT_assume F (x[F] & ¬y[F])
7874    then AOT_obtain F where x[F] & ¬y[F]
7875      using "∃E"[rotated] by blast
7876    moreover AOT_have y[F]
7877      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7878    ultimately AOT_have p & ¬p for p
7879      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7880  }
7881  moreover {
7882    AOT_assume F (y[F] & ¬x[F])
7883    then AOT_obtain F where y[F] & ¬x[F]
7884      using "∃E"[rotated] by blast
7885    moreover AOT_have ¬y[F]
7886      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7887    ultimately AOT_have p & ¬p for p
7888      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7889  }
7890  ultimately AOT_show p & ¬p for p
7891    by (metis "∨E"(3) "raa-cor:1")
7892qed
7893
7894AOT_theorem "encoders-are-abstract": F x[F]  A!x
7895  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7896            "oa-contingent:3" "vdash-properties:1[2]")
7897
7898AOT_theorem "denote=:1": Hx x[H]
7899  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7900
7901AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7902  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7903
7904AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7905  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7906
7907AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7908  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7909
7910AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7911  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7912
7913AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7914  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7915        "Commutativity of ≡" "≡Df" by blast
7916
7917AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7918  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7919
7920AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7921  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7922
7923AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
7924  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
7925
7926AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
7927  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
7928
7929AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
7930proof (rule "uniqueness:1"[THEN "≡dfI"])
7931  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
7932    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
7933  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
7934  proof (rule "→I")
7935    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
7936    AOT_hence β[F]  φ{F} for F
7937      using "∀E" "&E" by blast
7938    AOT_hence β[F]  a[F] for F
7939      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
7940            "Commutativity of ≡" by fast
7941    AOT_hence F (β[F]  a[F]) by (rule GEN)
7942    AOT_thus β = a
7943      using "ab-obey:1"[THEN "→E",
7944                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
7945                THEN "→E"] by blast
7946  qed
7947  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
7948  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
7949                β ([A!]β & F (β[F]  φ{F})  β = α))
7950    using "∃I" using a_prop "&I" by fast
7951qed
7952
7953AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
7954  using "A-objects!" by fast
7955
7956AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
7957  using "A-objects!" by fast
7958
7959AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
7960  using "A-objects!" by fast
7961
7962AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
7963  using "A-objects!" by fast
7964
7965AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
7966  using "A-objects!" by fast
7967
7968AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
7969  using "A-objects!" by fast
7970
7971AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
7972  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
7973
7974AOT_act_theorem "thm-can-terms2":
7975  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
7976  using "y-in:2" by blast
7977
7978AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
7979proof(rule "→I")
7980  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
7981  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
7982    using "actual-desc:2"[THEN "→E"] by blast
7983  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
7984  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
7985qed
7986
7987AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7988proof -
7989  AOT_have ιx(A!x & F (x[F]  φ{F}))
7990    by (simp add: "A-descriptions")
7991  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
7992             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7993    using "y-in:3"[THEN "→E"] by blast
7994  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7995    using "&E" "∀E" by blast
7996qed
7997
7998AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
7999  using "desc-encode:1".
8000
8001AOT_theorem "desc-nec-encode:1":
8002  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8003proof -
8004  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
8005    by (simp add: "A-descriptions")
8006  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
8007             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
8008    using "actual-desc:4"[THEN "→E"] by blast
8009  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8010    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
8011  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8012    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
8013  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8014    using "∀E" by blast
8015  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8016    using "Act-Basic:5" "≡E"(1) by blast
8017  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8018    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
8019qed
8020
8021AOT_theorem "desc-nec-encode:2":
8022  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
8023  using "desc-nec-encode:1".
8024
8025AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
8026  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
8027     (meson "nec-imp-act" "vdash-properties:10")
8028
8029AOT_theorem "Box-desc-encode:2":
8030φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8031proof(rule CP)
8032  AOT_assume φ{G}
8033  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
8034  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8035  proof (rule RM; rule "→I")
8036    AOT_modally_strict {
8037      AOT_assume 1: φ{G}
8038      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8039        using "Box-desc-encode:1" "→E" by blast
8040      moreover AOT_have φ{G}
8041        using 1 by (meson "qml:2"[axiom_inst] "→E")
8042      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8043        using "→I" "≡I" by simp
8044    }
8045  qed
8046  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8047    using "→E" by blast
8048qed
8049
8050definition rigid_condition where
8051  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8052syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8053
8054AOT_theorem "strict-can:1[E]":
8055  assumes RIGID_CONDITION(φ)
8056  shows α (φ{α}  φ{α})
8057  using assms[unfolded rigid_condition_def] by auto
8058
8059AOT_theorem "strict-can:1[I]":
8060  assumes  α (φ{α}  φ{α})
8061  shows RIGID_CONDITION(φ)
8062  using assms rigid_condition_def by auto
8063
8064AOT_theorem "box-phi-a:1":
8065  assumes RIGID_CONDITION(φ)
8066  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8067proof (rule "→I")
8068  AOT_assume a: A!x & F (x[F]  φ{F})
8069  AOT_hence b: A!x
8070    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8071  AOT_have x[F]  φ{F} for F
8072    using a[THEN "&E"(2)] "∀E" by blast
8073  moreover AOT_have (x[F]  x[F]) for F
8074    by (meson "pre-en-eq:1[1]" RN)
8075  moreover AOT_have (φ{F}  φ{F}) for F
8076    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8077  ultimately AOT_have (x[F]  φ{F}) for F
8078    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8079  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8080  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8081  AOT_thus ([A!]x & F (x[F]  φ{F}))
8082    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8083qed
8084
8085AOT_theorem "box-phi-a:2":
8086  assumes RIGID_CONDITION(φ)
8087  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8088proof(rule "→I")
8089  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8090  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8091    using "actual-desc:2"[THEN "→E"] by fast
8092  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8093    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8094  AOT_hence F 𝒜(y[F]  φ{F})
8095    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8096  AOT_hence 𝒜(y[F]  φ{F}) for F
8097    using "∀E" by blast
8098  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8099    by (metis "Act-Basic:5" "≡E"(1)) 
8100  AOT_hence y[F]  φ{F} for F
8101    using "sc-eq-fur:2"[THEN "→E",
8102            OF "strict-can:1[E]"[OF assms,
8103                THEN "∀E"(2)[where β=F], THEN RN]]
8104    by (metis "en-eq:10[1]" "≡E"(6))
8105  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8106  AOT_thus [A!]y & F (y[F]  φ{F})
8107    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8108qed
8109
8110AOT_theorem "box-phi-a:3":
8111  assumes RIGID_CONDITION(φ)
8112  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8113  using "desc-nec-encode:2"
8114    "sc-eq-fur:2"[THEN "→E",
8115        OF "strict-can:1[E]"[OF assms,
8116          THEN "∀E"(2)[where β=F], THEN RN]]
8117    "≡E"(5) by blast
8118
8119AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8120  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8121
8122AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8123  "df-null-uni:2": Universal(x) df A!x & F x[F]
8124
8125AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8126proof (rule "uniqueness:1"[THEN "≡dfI"])
8127  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8128    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8129  AOT_have a_null: ¬a[F] for F
8130  proof (rule "raa-cor:2")
8131    AOT_assume a[F]
8132    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8133    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8134    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8135  qed
8136  AOT_have Null(a) & β (Null(β)  β = a)
8137  proof (rule "&I")
8138    AOT_have ¬F a[F]
8139      using a_null by (metis "instantiation" "reductio-aa:1")
8140    AOT_thus Null(a)
8141      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8142  next
8143    AOT_show β (Null(β)  β = a)
8144    proof (rule GEN; rule "→I")
8145      fix β
8146      AOT_assume a: Null(β)
8147      AOT_hence ¬F β[F]
8148        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8149      AOT_hence β_null: ¬β[F] for F
8150        by (metis "existential:2[const_var]" "reductio-aa:1")
8151      AOT_have F (β[F]  a[F])
8152        apply (rule GEN; rule "≡I"; rule CP)
8153        using "raa-cor:3" β_null a_null by blast+
8154      moreover AOT_have A!β
8155        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8156      ultimately AOT_show β = a
8157        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8158              "&I" by blast
8159    qed
8160  qed
8161  AOT_thus α (Null(α) & β (Null(β)  β = α))
8162    using "∃I"(2) by fast
8163qed
8164
8165AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8166proof (rule "uniqueness:1"[THEN "≡dfI"])
8167  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8168    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8169  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8170  AOT_hence Universal(a)
8171    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8172  moreover AOT_have β (Universal(β)  β = a)
8173  proof (rule GEN; rule "→I")
8174    fix β
8175    AOT_assume Universal(β)
8176    AOT_hence abs_β: A!β and β[F] for F
8177      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8178    AOT_hence β[F]  a[F] for F
8179      using aF by (metis "deduction-theorem" "≡I")
8180    AOT_hence F (β[F]  a[F]) by (rule GEN)
8181    AOT_thus β = a
8182      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8183            "&I" abs_β by blast
8184  qed
8185  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8186    using "&I" "∃I" by fast
8187qed
8188
8189AOT_theorem "null-uni-uniq:3": ιx Null(x)
8190  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8191
8192AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8193  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8194
8195AOT_define Null_object :: ‹κs (a)
8196  "df-null-uni-terms:1": a =df ιx Null(x)
8197
8198AOT_define Universal_object :: ‹κs (aV)
8199  "df-null-uni-terms:2": aV =df ιx Universal(x)
8200
8201AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8202proof (rule "→I")
8203  AOT_assume Null(x)
8204  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8205    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8206  AOT_have ¬x[F] for F using x_null
8207    using "existential:2[const_var]" "reductio-aa:1"
8208    by metis
8209  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8210  AOT_hence F ¬x[F] by (rule GEN)
8211  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8212  moreover AOT_have F ¬x[F]  ¬F x[F]
8213    apply (rule RM)
8214    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8215                           "→I" "reductio-aa:1" "rule-ui:1")
8216  ultimately AOT_have ¬F x[F]
8217    by (metis "→E")
8218  moreover AOT_have A!x using x_abs
8219    using "oa-facts:2" "vdash-properties:10" by blast
8220  ultimately AOT_have r: (A!x & ¬F x[F])
8221    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8222  AOT_show Null(x)
8223    by (AOT_subst Null(x) A!x & ¬F x[F])
8224       (auto simp: "df-null-uni:1" "≡Df" r)
8225qed  
8226
8227AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8228proof (rule "→I")
8229  AOT_assume Universal(x)
8230  AOT_hence x_abs: A!x and x_univ: F x[F]
8231    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8232  AOT_have x[F] for F using x_univ "∀E" by blast
8233  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8234  AOT_hence F x[F] by (rule GEN)
8235  AOT_hence F x[F] by (rule BF[THEN "→E"])
8236  moreover AOT_have A!x using x_abs
8237    using "oa-facts:2" "vdash-properties:10" by blast
8238  ultimately AOT_have r: (A!x & F x[F])
8239    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8240  AOT_show Universal(x)
8241    by (AOT_subst Universal(x) A!x & F x[F])
8242       (auto simp add: "df-null-uni:2" "≡Df" r)
8243qed
8244
8245AOT_theorem "null-uni-facts:3": Null(a)
8246  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8247   apply (simp add: "null-uni-uniq:3")
8248  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8249    "sc-eq-fur:2"[THEN "→E",
8250        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8251        THEN "≡E"(1)]
8252  by blast
8253
8254AOT_theorem "null-uni-facts:4": Universal(aV)
8255  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8256   apply (simp add: "null-uni-uniq:4")
8257  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8258    "sc-eq-fur:2"[THEN "→E",
8259        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8260        THEN "≡E"(1)]
8261  by blast
8262
8263AOT_theorem "null-uni-facts:5": a  aV
8264proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8265    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8266    rule "≡dfI"[OF "=-infix"];
8267    rule "raa-cor:2")
8268  AOT_obtain x where nullx: Null(x)
8269    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8270              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8271  AOT_hence act_null: 𝒜Null(x)
8272    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8273  AOT_assume ιx Null(x) = ιx Universal(x)
8274  AOT_hence 𝒜x(Null(x)  Universal(x))
8275    using "actual-desc:5"[THEN "→E"] by blast
8276  AOT_hence x 𝒜(Null(x)  Universal(x))
8277    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8278  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8279    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8280  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8281  AOT_hence Universal(x)
8282    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8283  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8284  moreover AOT_have ¬F x[F]
8285    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8286  ultimately AOT_show p & ¬p for p
8287    by (metis "cqt-further:1" "raa-cor:3" "→E")
8288qed
8289
8290AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8291proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8292  AOT_show ιx([A!]x & F (x[F]  F  F))
8293    by (simp add: "A-descriptions")
8294next
8295  AOT_show a
8296    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8297       (simp add: "null-uni-uniq:3")
8298next
8299  AOT_have ιx([A!]x & F (x[F]  F  F))
8300    by (simp add: "A-descriptions")
8301  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8302    using "rule=I:1" by blast
8303  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8304    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8305           rule "&I")
8306     apply (meson "≡dfE" "Conjunction Simplification"(1)
8307                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8308                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8309    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8310next
8311  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8312  proof (rule GEN)
8313    fix F
8314    AOT_have ¬a[F]
8315      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8316         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8317                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8318                "raa-cor:2" "rule-id-df:2:a[zero]"
8319                "russell-axiom[enc,1].ψ_denotes_asm")
8320    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8321    proof(rule "raa-cor:2")
8322      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8323      AOT_hence 𝒜(F  F)
8324        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8325      moreover AOT_have ¬𝒜(F  F)
8326        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8327              "=-infix" "raa-cor:3" by blast
8328      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8329    qed
8330    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8331      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8332  qed
8333qed
8334
8335AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8336proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8337  AOT_show ιx([A!]x & F (x[F]  F = F))
8338    by (simp add: "A-descriptions")
8339next
8340  AOT_show aV
8341    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8342       (simp add: "null-uni-uniq:4")
8343next
8344  AOT_have ιx([A!]x & F (x[F]  F = F))
8345    by (simp add: "A-descriptions")
8346  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8347    using "rule=I:1" by blast
8348  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8349    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8350           rule "&I")
8351     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8352                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8353                  "rule-id-df:2:a[zero]" "→E")
8354    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8355next
8356  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8357  proof (rule GEN)
8358    fix F
8359    AOT_have aV[F]
8360      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8361      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8362            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8363            "rule-ui:3" by blast
8364    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8365      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8366    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8367      using "deduction-theorem" "≡I" by simp
8368  qed
8369qed
8370
8371AOT_theorem "aclassical:1":
8372Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8373proof(rule GEN)
8374  fix R
8375  AOT_obtain a where a_prop:
8376    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8377    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8378  AOT_have a_enc: az [R]za]
8379  proof (rule "raa-cor:1")
8380    AOT_assume 0: ¬az [R]za]
8381    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8382      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8383                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8384                THEN "≡E"(1), rotated])
8385         "cqt:2[lambda]"
8386    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8387      using "cqt-further:4" "vdash-properties:10" by blast
8388    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8389      using "∀E" by blast
8390    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8391      by (metis "&I" "deduction-theorem" "raa-cor:3")
8392    moreover AOT_have z [R]za] = z [R]za]
8393      by (rule "=I") "cqt:2[lambda]"
8394    ultimately AOT_have az [R]za]
8395      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8396    AOT_thus az [R]za] & ¬az [R]za]
8397      using 0 "&I" by blast
8398  qed
8399  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8400    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8401       "cqt:2"
8402  then AOT_obtain b where b_prop:
8403    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8404    using "∃E"[rotated] by blast
8405  AOT_have a  b
8406    apply (rule "≡dfI"[OF "=-infix"])
8407    using a_enc b_prop[THEN "&E"(2)]
8408    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8409          "raa-cor:3" "reductio-aa:1" by fast
8410  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8411    using b_prop "&E" a_prop "&I" by meson
8412  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8413  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8414qed
8415
8416AOT_theorem "aclassical:2":
8417  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8418proof(rule GEN)
8419  fix R
8420  AOT_obtain a where a_prop:
8421    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8422    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8423  AOT_have a_enc: az [R]az]
8424  proof (rule "raa-cor:1")
8425    AOT_assume 0: ¬az [R]az]
8426    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8427      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8428                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8429                THEN "≡E"(1), rotated])
8430         "cqt:2[lambda]"
8431    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8432      using "cqt-further:4" "vdash-properties:10" by blast
8433    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8434      using "∀E" by blast
8435    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8436      by (metis "&I" "deduction-theorem" "raa-cor:3")
8437    moreover AOT_have z [R]az] = z [R]az]
8438      by (rule "=I") "cqt:2[lambda]"
8439    ultimately AOT_have az [R]az]
8440      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8441    AOT_thus az [R]az] & ¬az [R]az]
8442      using 0 "&I" by blast
8443  qed
8444  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8445    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8446       "cqt:2"
8447  then AOT_obtain b where b_prop:
8448    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8449    using "∃E"[rotated] by blast
8450  AOT_have a  b
8451    apply (rule "≡dfI"[OF "=-infix"])
8452    using a_enc b_prop[THEN "&E"(2)]
8453    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8454          "raa-cor:3" "reductio-aa:1" by fast
8455  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8456    using b_prop "&E" a_prop "&I" by meson
8457  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8458  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8459qed
8460
8461AOT_theorem "aclassical:3":
8462  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8463proof(rule GEN)
8464  fix R
8465  AOT_obtain a where a_prop:
8466    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8467    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8468  AOT_have z [R]a] by "cqt:2[lambda]"
8469  (* TODO: S should no longer be necessary *)
8470  then AOT_obtain S where S_def: S = z [R]a]
8471    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
8472  AOT_have a_enc: a[S]
8473  proof (rule "raa-cor:1")
8474    AOT_assume 0: ¬a[S]
8475    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
8476      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
8477                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8478                THEN "≡E"(1), rotated]) 
8479    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
8480      using "cqt-further:4" "vdash-properties:10" by blast
8481    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
8482    AOT_hence (A!a & S = z [R]a])  a[S]
8483      by (metis "&I" "deduction-theorem" "raa-cor:3")
8484    moreover AOT_have S = z [R]a] using S_def .
8485    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8486    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8487  qed
8488  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
8489    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
8490  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
8491    using "∃E"[rotated] by blast
8492  AOT_have 1: a  b
8493    apply (rule "≡dfI"[OF "=-infix"])
8494    using a_enc b_prop[THEN "&E"(2)]
8495    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8496          "raa-cor:3" "reductio-aa:1" by fast
8497  AOT_have a:  [R]a] = ([R]a)
8498    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8499    by (meson "log-prop-prop:2")
8500  AOT_have b:  [R]b] = ([R]b)
8501    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8502    by (meson "log-prop-prop:2")
8503  AOT_have  [R]a] =  [R]b]
8504    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8505    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8506    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8507     apply (rule "rule=E"[rotated, OF S_def])
8508    using b_prop "&E" apply blast
8509    apply (safe intro!: "&I")
8510    by (simp add: "log-prop-prop:2")+
8511  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8512    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8513          "&I" by auto
8514  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8515  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8516qed
8517
8518AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8519proof -
8520  AOT_have x y ([A!]x & [A!]y & x  y &
8521               z xy F ([F]x  [F]y)]zx] =
8522               z xy F ([F]x  [F]y)]zy])
8523    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8524       "cqt:2"
8525  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8526               z xy F ([F]x  [F]y)]zx] =
8527               z xy F ([F]x  [F]y)]zy])
8528    using "∃E"[rotated] by blast
8529  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8530               z xy F ([F]x  [F]y)]zx] =
8531               z xy F ([F]x  [F]y)]zy])
8532    using "∃E"[rotated] by blast
8533  AOT_have z xy F ([F]x  [F]y)]zx]x
8534    by (auto intro!: "β←C"(1) "cqt:2";
8535        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8536                  "oth-class-taut:3:a" "universal-cor")
8537  AOT_hence z xy F ([F]x  [F]y)]zy]x
8538    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8539  AOT_hence xy F ([F]x  [F]y)]xy
8540    by (rule "β→C"(1))
8541  AOT_hence F ([F]x  [F]y)
8542    using "β→C"(1) old.prod.case by fast
8543  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8544    using 0 "&E" "&I" by blast
8545  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8546  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8547qed
8548
8549AOT_theorem "kirchner-thm:1":
8550  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8551proof(rule "≡I"; rule "→I")
8552  AOT_assume x φ{x}]
8553  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8554  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8555  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8556    AOT_modally_strict {
8557      fix x y
8558      AOT_assume 0: x φ{x}]
8559      moreover AOT_assume F([F]x  [F]y)
8560      ultimately AOT_have x φ{x}]x  x φ{x}]y
8561        using "∀E" by blast
8562      AOT_thus (φ{x}  φ{y})
8563        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8564    }
8565  qed
8566  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8567    using "→E" by blast
8568next
8569  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8570            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8571  proof(rule "RM:1"; rule "→I"; rule GEN)
8572    AOT_modally_strict {
8573      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8574      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8575        using "∀E"(2) "→E" that by blast
8576      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8577      proof (rule "raa-cor:1")
8578        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8579        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8580                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8581          using "≡E"(1) "oth-class-taut:4:h" by blast
8582        moreover {
8583          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8584          AOT_obtain a where F([F]a  [F]y) & φ{a}
8585            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8586          AOT_hence φ{y}
8587            using indisc[THEN "≡E"(1)] "&E" by blast
8588          AOT_hence p & ¬p for p
8589            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8590        }
8591        moreover {
8592          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8593          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8594            using "&E"(1) "cqt-further:4" "→E" by blast
8595          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8596            using "∀E" by blast
8597          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8598            using "≡E"(1) "oth-class-taut:5:c" by blast
8599          moreover AOT_have F([F]y  [F]y)
8600            by (simp add: "oth-class-taut:3:a" "universal-cor")
8601          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8602          AOT_hence p & ¬p for p
8603            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8604        }
8605        ultimately AOT_show p & ¬p for p
8606          using "∨E"(3) "raa-cor:1" by blast
8607      qed
8608    }
8609  qed
8610  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8611  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8612    using "→E" by blast
8613  AOT_thus x φ{x}]
8614    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8615qed
8616
8617AOT_theorem "kirchner-thm:2":
8618  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8619    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8620proof(rule "≡I"; rule "→I")
8621  AOT_assume x1...xn φ{x1...xn}]
8622  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8623  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8624    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8625  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8626    AOT_modally_strict {
8627      fix x1xn y1yn :: 'a AOT_var›
8628      AOT_assume 0: x1...xn φ{x1...xn}]
8629      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8630      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8631                           x1...xn φ{x1...xn}]y1...yn
8632        using "∀E" by blast
8633      AOT_thus (φ{x1...xn}  φ{y1...yn})
8634        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8635    }
8636  qed
8637  ultimately AOT_show x1...∀xny1...∀yn(
8638    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8639  )
8640    using "→E" by blast
8641next
8642  AOT_have 8643    (x1...∀xny1...∀yn
8644      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8645     y1...∀yn
8646        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8647         φ{y1...yn})
8648  proof(rule "RM:1"; rule "→I"; rule GEN)
8649    AOT_modally_strict {
8650      AOT_assume x1...∀xny1...∀yn
8651        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8652      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8653        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8654        using "∀E"(2) "→E" that by blast
8655      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8656                φ{y1...yn} for y1yn
8657      proof (rule "raa-cor:1")
8658        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8659                    φ{y1...yn})
8660        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8661                    & φ{x1...xn}))
8662                    & ¬φ{y1...yn}) 
8663                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8664                   & φ{y1...yn})
8665          using "≡E"(1) "oth-class-taut:4:h" by blast
8666        moreover {
8667          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8668                         & ¬φ{y1...yn}
8669          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8670            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8671          AOT_hence φ{y1...yn}
8672            using indisc[THEN "≡E"(1)] "&E" by blast
8673          AOT_hence p & ¬p for p
8674            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8675        }
8676        moreover {
8677          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8678                         & φ{y1...yn}
8679          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8680            using "&E"(1) "cqt-further:4" "→E" by blast
8681          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8682            using "∀E" by blast
8683          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8684            using "≡E"(1) "oth-class-taut:5:c" by blast
8685          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8686            by (simp add: "oth-class-taut:3:a" "universal-cor")
8687          ultimately AOT_have ¬φ{y1...yn}
8688            by (metis "¬¬I" "∨E"(2))
8689          AOT_hence p & ¬p for p
8690            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8691        }
8692        ultimately AOT_show p & ¬p for p
8693          using "∨E"(3) "raa-cor:1" by blast
8694      qed
8695    }
8696  qed
8697  moreover AOT_assume x1...∀xny1...∀yn
8698    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8699  ultimately AOT_have y1...∀yn
8700    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8701     φ{y1...yn})
8702    using "→E" by blast
8703  AOT_thus x1...xn φ{x1...xn}]
8704    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8705qed
8706
8707AOT_theorem "kirchner-thm-cor:1":
8708  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8709proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8710  fix x y
8711  AOT_assume x φ{x}]
8712  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8713    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8714  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8715    using CBF[THEN "→E"] by blast
8716  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8717    using "∀E" by blast
8718  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8719    using CBF[THEN "→E"] by blast
8720  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8721    using "∀E" by blast
8722  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8723    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8724  moreover AOT_assume F([F]x  [F]y)
8725  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8726qed
8727
8728AOT_theorem "kirchner-thm-cor:2":
8729  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8730    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8731proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8732  fix x1xn y1yn
8733  AOT_assume x1...xn φ{x1...xn}]
8734  AOT_hence 0: x1...∀xny1...∀yn
8735    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8736    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8737  AOT_have x1...∀xny1...∀yn
8738    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8739  proof(rule GEN; rule GEN)
8740    fix x1xn y1yn
8741    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8742      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8743      using "∀E" by blast
8744  qed
8745  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8746                         (φ{x1...xn}  φ{y1...yn}))
8747    using "∀E" by blast
8748  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8749    using "∀E" by blast
8750  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8751    using "∀E" by blast
8752  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8753    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8754  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8755  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8756  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8757                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8758    using "∀E" by blast
8759  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8760    apply (rule "β←C"(1))
8761      apply "cqt:2[lambda]"
8762     apply (fact "cqt:2[const_var]"[axiom_inst])
8763    by (simp add: RN GEN "oth-class-taut:3:a")
8764  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8765    using "≡E"(2) by blast
8766  AOT_hence F ([F]x1...xn  [F]y1...yn)
8767    using "β→C"(1) by blast
8768  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8769qed
8770
8771subsection‹Propositional Properties›
8772text‹\label{PLM: 9.12}›
8773
8774AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8775  "prop-prop1": Propositional([F]) df p(F = y p])
8776
8777AOT_theorem "prop-prop2:1": p y p]
8778  by (rule GEN) "cqt:2[lambda]"
8779
8780AOT_theorem "prop-prop2:2": ν φ]
8781  by "cqt:2[lambda]"
8782
8783AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8784proof (rule "→I")
8785  AOT_assume 0: F = y p]
8786  AOT_show x([F]x  p)
8787    by (rule "rule=E"[rotated, OF 0[symmetric]];
8788        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8789      "cqt:2[lambda]"
8790qed
8791
8792AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8793proof(rule "→I")
8794  AOT_assume Propositional([F])
8795  AOT_hence p(F = y p])
8796    using "≡dfE"[OF "prop-prop1"] by blast
8797  then AOT_obtain p where F = y p]
8798    using "∃E"[rotated] by blast
8799  AOT_hence (F = y p])
8800    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8801  AOT_hence p (F = y p])
8802    using "∃I" by fast
8803  AOT_hence 0: p (F = y p])
8804    by (metis Buridan "vdash-properties:10")
8805  AOT_thus Propositional([F])
8806    using "prop-prop1"[THEN "≡Df"]
8807    by (AOT_subst Propositional([F]) p (F = y p])) auto
8808qed
8809
8810AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8811  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8812
8813AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8814proof(rule "→I")
8815  AOT_assume Propositional([Π])
8816  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8817  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8818  AOT_show Indiscriminate([Π])
8819  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8820    AOT_show Π
8821      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8822  next
8823    AOT_show (x [Π]x  x [Π]x)
8824    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8825           rule RN; rule "→I"; rule GEN)
8826      AOT_modally_strict {
8827        AOT_assume x y p]x
8828        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8829        AOT_hence 0: p by (metis "β→C"(1))
8830        AOT_show y p]x for x
8831          apply (rule "β←C"(1))
8832            apply "cqt:2[lambda]"
8833           apply (fact "cqt:2[const_var]"[axiom_inst])
8834          by (fact 0)
8835      }
8836    qed
8837  qed
8838qed
8839
8840AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8841proof (rule "→I")
8842  AOT_assume Necessary([F])
8843  AOT_hence 0: x1...∀xn [F]x1...xn
8844    using "≡dfE"[OF "contingent-properties:1"] by blast
8845  AOT_show Indiscriminate([F])
8846    by (rule "≡dfI"[OF "prop-indis"])
8847       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8848qed
8849
8850AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8851proof (rule "→I")
8852  AOT_modally_strict {
8853    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8854      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8855  }
8856  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8857    by (rule "RM:1")
8858  AOT_assume Impossible([F])
8859  AOT_hence x ¬[F]x
8860    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8861  AOT_hence 1: (x [F]x  x [F]x)
8862    using 0 "→E" by blast
8863  AOT_show Indiscriminate([F])
8864    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8865       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8866qed
8867
8868AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8869proof(rule "raa-cor:2")
8870  AOT_assume Indiscriminate([E!])
8871  AOT_hence 0: (x [E!]x  x [E!]x)
8872    using "≡dfE"[OF "prop-indis"] "&E" by blast
8873  AOT_hence x [E!]x  x [E!]x
8874    using "KBasic:13" "vdash-properties:10" by blast
8875  moreover AOT_have x [E!]x
8876    by (simp add: "thm-cont-e:3")
8877  ultimately AOT_have x [E!]x
8878    by (metis "vdash-properties:6")
8879  AOT_thus p & ¬p for p
8880    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8881qed
8882
8883AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8884proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8885       rule "raa-cor:2")
8886  AOT_assume Indiscriminate(x ¬[E!]x])
8887  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8888    using "≡dfE"[OF "prop-indis"] "&E" by blast
8889  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8890    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8891  moreover AOT_have x x ¬[E!]x]x
8892    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8893    apply (rule "beta-C-meta"[THEN "→E"])
8894     apply "cqt:2"
8895    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8896                           "o-objects-exist:5" "→E")
8897  ultimately AOT_have 1: x x ¬[E!]x]x
8898    by (metis "vdash-properties:6")
8899  AOT_hence x ¬[E!]x
8900    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8901       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8902  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8903  moreover AOT_obtain a where abs_a: O!a
8904    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8905  ultimately AOT_have ¬[E!]a using "∀E" by blast
8906  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8907  AOT_have A!a
8908    apply (rule "=dfI"(2)[OF AOT_abstract])
8909     apply "cqt:2[lambda]"
8910    apply (rule "β←C"(1))
8911      apply "cqt:2[lambda]"
8912    using "cqt:2[const_var]"[axiom_inst] apply blast
8913    by (fact 2)
8914  AOT_thus p & ¬p for p using abs_a
8915    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8916qed
8917
8918AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8919proof(rule "raa-cor:2")
8920  AOT_assume Indiscriminate(O!)
8921  AOT_hence 0: (x O!x  x O!x)
8922    using "≡dfE"[OF "prop-indis"] "&E" by blast
8923  AOT_hence x O!x  x O!x
8924    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8925  moreover AOT_have x O!x
8926    using "o-objects-exist:1" by blast
8927  ultimately AOT_have x O!x
8928    by (metis "vdash-properties:6")
8929  AOT_thus p & ¬p for p
8930    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8931qed
8932
8933AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
8934proof(rule "raa-cor:2")
8935  AOT_assume Indiscriminate(A!)
8936  AOT_hence 0: (x A!x  x A!x)
8937    using "≡dfE"[OF "prop-indis"] "&E" by blast
8938  AOT_hence x A!x  x A!x
8939    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8940  moreover AOT_have x A!x
8941    using "o-objects-exist:2" by blast
8942  ultimately AOT_have x A!x
8943    by (metis "vdash-properties:6")
8944  AOT_thus p & ¬p for p
8945    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8946qed
8947
8948AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
8949  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
8950
8951AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
8952  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
8953
8954AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
8955  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
8956
8957AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
8958  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
8959
8960AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
8961proof(rule "→I")
8962  AOT_assume p (F = y p])
8963  AOT_hence p (F = y p])
8964    by (metis "BF◇" "→E")
8965  then AOT_obtain p where (F = y p])
8966    using "∃E"[rotated] by blast
8967  AOT_hence F = y p]
8968    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
8969  AOT_thus p(F = y p]) by (rule "∃I")
8970qed
8971
8972AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
8973proof(rule "→I")
8974  AOT_assume p (F  y p])
8975  AOT_hence (F  y p]) for p
8976    using "∀E" by blast
8977  AOT_hence (F  y p]) for p
8978    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
8979  AOT_hence p (F  y p]) by (rule GEN)
8980  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
8981qed
8982
8983AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
8984proof(rule "→I")
8985  AOT_assume p (F = y p])
8986  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
8987  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
8988  AOT_hence p(F = y p]) by (rule "∃I")
8989  AOT_thus p(F = y p]) by (metis Buridan "→E")
8990qed
8991
8992AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
8993proof(rule "→I")
8994  AOT_assume p (F  y p])
8995  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
8996  AOT_hence (F  y p]) for p
8997    using "∀E" by blast
8998  AOT_hence F  y p] for p
8999    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
9000  AOT_thus p (F  y p]) by (rule GEN)
9001qed
9002
9003AOT_theorem "enc-prop-nec:1":
9004  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9005proof(rule "→I"; rule GEN; rule "→I")
9006  fix F
9007  AOT_assume F (x[F]  p(F = y p]))
9008  AOT_hence F (x[F]  p(F = y p]))
9009    using "Buridan◇" "vdash-properties:10" by blast
9010  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
9011  AOT_assume x[F]
9012  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
9013  AOT_hence p(F = y p])
9014    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
9015  AOT_thus p(F = y p])
9016    using "prop-prop-nec:1"[THEN "→E"] by blast
9017qed
9018
9019AOT_theorem "enc-prop-nec:2":
9020  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9021  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
9022  by blast
9023
9024(*<*)
9025end
9026(*>*)